The article http://activemq.apache.org/jmsxuserid.html has the following: Note, though, that for SSL certificate based authentication, e.g., when using TextFileCertificateLoginModule JAAS module, this will change the semantics of the broker-provided JMSXUserID. Instead of returning the DN of the certificate, it will provide the name the DN is mapped to by the JAAS module.
Which seems to imply that when not using TextFileCertificateLoginModule JAAS plugin someone will place DN from certificate into JMSXUserID... I have SSL client auth enabled on the broker via needClientAutt=true and this.broker.setPopulateJMSXUserID(true); this.broker.setUseAuthenticatedPrincipalForJMSXUserID(true); and my java test client app is configured for proper SSL handshake. What I observe that when user name/password is provided when connection is established JMSXUserID is populated with specified user name, but when connection is anonymous, JMSXUserID is empty... The question how to configure my test such that DN from certificate will be set as user id? -- View this message in context: http://activemq.2283324.n4.nabble.com/SSL-certificate-based-authentication-tp4664779.html Sent from the ActiveMQ - User mailing list archive at Nabble.com.