Is it possiable to extend the default authorizationPlugin?

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Is it possiable to extend the default authorizationPlugin?

martin_activeMQ
Hi All,

I would like to extend the default ActiveMQ authorizationPlugin with some
custom logic, but unfortunately I was not able to find any information how
to do that in the official documentation, there is an information about the
JaaS Authentication but nothing about the authorization. The reason why I'd
like to extend the authorizationPlugin is because is not so comfortable to
add authorizationEntry entry for each queue or topic and I'd like read the
ACL information not from the authorizationEntry but  from the certificate
used by the client when the client is connected to the message broker.

Any advice and suggestions will be greatly appreciated



--
Sent from: http://activemq.2283324.n4.nabble.com/ActiveMQ-Dev-f2368404.html
Reply | Threaded
Open this post in threaded view
|

Re: Is it possiable to extend the default authorizationPlugin?

christopher.l.shannon
You can extend the AuthorizationBroker class and add your custom logic.
Then you can write a custom plugin to install that.  Take a look at the
following two classes:

The authorization plugin class is small and is how the AuthorizationBroker
is installed as a plugin. You would create your own plugin class instead of
this one to install your plugin.
https://github.com/apache/activemq/blob/master/activemq-broker/src/main/java/org/apache/activemq/security/AuthorizationPlugin.java

The broker class does the actual work and is installed by the plugin class
into the Broker chain.  You can extend this class:
https://github.com/apache/activemq/blob/master/activemq-broker/src/main/java/org/apache/activemq/security/AuthorizationBroker.java


On Mon, Oct 30, 2017 at 5:45 AM, martin_activeMQ <
[hidden email]> wrote:

> Hi All,
>
> I would like to extend the default ActiveMQ authorizationPlugin with some
> custom logic, but unfortunately I was not able to find any information how
> to do that in the official documentation, there is an information about the
> JaaS Authentication but nothing about the authorization. The reason why I'd
> like to extend the authorizationPlugin is because is not so comfortable to
> add authorizationEntry entry for each queue or topic and I'd like read the
> ACL information not from the authorizationEntry but  from the certificate
> used by the client when the client is connected to the message broker.
>
> Any advice and suggestions will be greatly appreciated
>
>
>
> --
> Sent from: http://activemq.2283324.n4.nabble.com/ActiveMQ-Dev-
> f2368404.html
>
Reply | Threaded
Open this post in threaded view
|

Re: Is it possiable to extend the default authorizationPlugin?

martin_activeMQ
Hi  Christopher,

Thank you for the directions!
It works like a charm!

Best Regards,
Marin



--
Sent from: http://activemq.2283324.n4.nabble.com/ActiveMQ-Dev-f2368404.html