When we are using ActiveMQ for blob messaging we need to specify a blobTransferPolicyto send files to file server in ActiveMQ(default location - http://localhost:8161/fileserver/). I have secured the embedded broker and broker connection using https protocol and simple authentication plugin. But file server URL is isolated URL from broker connection. So anyone can put junk data into file server. So make file server connection as authentication. I used same authentication mechanism used in ActiveMQ web portal.
Added a file server URL pattern into the jetty.xml file. <bean id="securityConstraintMapping" class="org.eclipse.jetty.security.ConstraintMapping"> <property name="constraint" ref="securityConstraint" /> <property name="pathSpec" value="/api/*,/admin/*,*.jsp,/fileserver/*" /> </bean> Then made a simple authentication jms.blobTransferPolicy.UploadUrl=http://admin:admin@localhost:8161/fileserver/ It shows file server is secured. But doesn't work with simple URL authentication (username:passwd). It throws *Is there any way to secure file server embedded with ActiveMQ* -- View this message in context: http://activemq.2283324.n4.nabble.com/Secure-activemq-upload-URL-while-using-Blob-Messaging-tp4702004.html Sent from the ActiveMQ - User mailing list archive at Nabble.com.
