git.net

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Artemis Rest Interface JAAS


What I described in my previous post are securing all URLs via web.xml.  I am
using a Servlet filter to enforce basic authentication using the same
security realm as the Artemis server.  The issue is that the security
credential from war is not carried over to Artemis server as the server has
it own security turned on although they both use the same realm.  Here is
the sequence (and you can see it from the stacktrace)

1. curl --user user:password http://localhost:8161/queue/myQueue
2. the Servlet filter authenticated and authorized the access
3. artemis-reat creates session at
org.apache.activemq.artemis.rest.queue.QueueDestinationsResource.java:102.  
4. It passes hard-coded null for both user and password at
org.apache.activemq.artemis.rest.queue.QueueDestinationsResource.findQueue(QueueDestinationsResource.java:102)
5. Exception thrown from server that username is null.

I am hoping there is a way to pass authenticated credential from step 2 to
step 3, then 4.  Or better yet, avoid the 2nd authentication and
authorization at Artemis server (with security on) all together.

It seems to me that artemis-rest expects us to secure rest interface URLs
with Artemis server security turned off.  In my case, I am hoping to secure
both rest interface URLs and tcp:61616 so that client can post message via
rest or via normal JMS protocol.  Is it possible?



--
Sent from: http://activemq.2283324.n4.nabble.com/ActiveMQ-User-f2341805.html