Dear ActiveMQ people,
we have a neatly working setup of several ActiveMQ 5 brokers which rely on an
LDAP server for authorization.
The configuration in activemq.xml looks roughly like this (some parts omitted):
<plugins>
<jaasAuthenticationPlugin configuration="LdapConfiguration" />
<authorizationPlugin>
<map>
<cachedLDAPAuthorizationMap
connectionURL="ldap://my.ldap.server:389";
connectionUsername="..."
connectionPassword="..."
queueSearchBase="..."
topicSearchBase="..."
tempSearchBase="..."
refreshInterval="300000"
legacyGroupMapping="false"
groupObjectClass="groupOfNames"
permissionGroupMemberAttribute="member"
userObjectClass="person"
userNameAttribute="uid"
/>
</map>
</authorizationPlugin>
</plugins>
Now we plan to add some redundancy / high-availability for the LDAP part by
using two or more mirrored LDAP servers. My simple question is: Does ActiveMQ
have support for working with multiple LDAP servers?
The documentation at
https://activemq.apache.org/cached-ldap-authorization-module does not give any
hint on whether the connectionURL can specify multiple servers.
However I found another reference to the JAAS LDAP Login Module at
https://access.redhat.com/documentation/en-us/red_hat_jboss_a-mq/6.3/html/security_guide/esbsecurecontainer#JAASAuth-LDAPLoginModule,
which seems to indicate that connection.url may specify multiple URLs as a
space-separated list.
Can I expect that to work also in the ActiveMQ context?
Best regards,
Janus
DFS Deutsche Flugsicherung GmbH
Am DFS-Campus
D - 63225 Langen
Tel.: +49-(0)6103-707-0
Sitz der Gesellschaft: Langen/Hessen
Zustaendiges Registergericht: AG Offenbach am Main, HRB 34977
Vorsitzende des Aufsichtsrats: Dr. Martina Hinricher
Geschaeftsfuehrer: Prof. Klaus-Dieter Scheurle (Vors.), Robert Schickling, Dr.
Michael Hann
Internet: http://www.dfs.de
Public-Key der DFS: http://www.dfs.de/dfs/public_key.asc
