I am currently using ActiveMQ v5.14 and have been using it in production for
quite a long time without any issues. I want to use authentication and
authorization in ActiveMQ but haven't because of lack of Kerberos support
and have been following - https://issues.apache.org/jira/browse/AMQ-4693. I
am not sure when this will be available.
Artemis documentation mentions Kerberos support in Security section but it
isn't clear to what extent it is supported. I mainly use Openwire and STOMP
protocol. Clients are JMS, .NET, Python/Perl/JS (STOMP)
- is it available for tcp connector?
- can i use it with STOMP protocol
- How will kerberos authentication work? Any examples for this
- how authorization will be done with respect to a user? How will Artemis
know which user has which role?
Other compatibility concerns are like:
- current clients being able to connect to Artemis without any issues. Is
there a migration guide for server/client?
-Automatically destroy offline durable subscribers etc.
It would be really helpful to know what support from above is present in
current Artemis version and to what extent or if I should log any JIRA.
Security and Kerberos support would be a big motivation for me to migrate to
Artemis. I am really excited to see Artemis as ActiveMQ 6.
1) Artemis supports its own CORE protocol (JMS), OpenWire(JMS), STOMP,
AMQP, and MQTT. So it supports the same protocols as the 5.x broker along
with the CORE protocol.
2) For migration of clients, if you are just using JMS you can just use the
native CORE protocol and migrate easily. You also have the option to use
OpenWire so all existing clients wouldn't need to change anything.
3) There is no KahaDB or MultiKahaDB as the journal is a completely
different implementation. However there is a paging store so messages will
go to their own directory on the filesystem which is similar to
MultiKahaDB. The journal also has compaction so the issues of KahaDB not
cleaning up shouldn't be a problem with Artemis.
4) For connectors your can use TCP and websockets (and TLS enable if you
5) For authorization take a look at the above links.
For Kerberos I will let someone else answer as I haven't used it yet.
Thanks Christopher for the migration guide. It wasn't linked in the artemis
user manual. It is a useful resource.
As I mentioned Kerberos support would be a big motivation for an early
migration to Artemis. In the user manual it isn't clear to what extent
Kerberos is supported like it is mentioned only for amqp transport.
Can I use Kerberos with tcp connector and STOMP protocol? Any docs or
examples for configuring this would be of great help.