Uploaded image for project: 'AMQ Broker'
  1. AMQ Broker
  2. ENTMQBR-3420

Doc: Provide a way for broker plugins to get access to clients' TLS certificate information

    XMLWordPrintable

Details

    Description

      The Artemis plug-in infrastructure, as it presently stands, provides no way for plug-ins to get access to TLS certificate information of clients that are making requests on the broker. Once a client is authentication, so far as the plug-in infrastructure is concerned, any further security-related decisions will be made by the broker itself.

      In ActiveMQ it was possible for a plug-in to to get access to this information, so it was possible for a plug-in to control broker operation according to a customer security policy based on client certificates.

      To provide comparable functionality in Artemis, it will be necessary of information derived from the Netty connector's SSL context to propagate all the way up to the plug-in layer.

      Attachments

        Issue Links

          clones

          Story - Created by Jira Software - do not edit or delete. Issue type for a user story. ENTMQBR-2756 Provide a way for broker plugins to get access to clients' TLS certificate information

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed

          Activity

            People

              jbyrne@redhat.com John Byrne
              jbyrne@redhat.com John Byrne
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: