-
Story
-
Resolution: Duplicate
-
Undefined
-
None
-
False
-
None
-
False
-
Compatibility/Configuration, User Experience
-
-
Develop
The security CR exposes some of the capability of JAAS, however it is incomplete and always will be because JAAS is extensible by definition.
A user should be able to provided a complete JAAS config in a secret and reference this via the Artemis CR extra mounts directive.
A config map the ends in "-jaas-config" will be treated as JAAS config and configured for the broker
Upstream: extra mounts secret xx-jaas-config in https://github.com/artemiscloud/activemq-artemis-operator/issues/356
By externalising the full login.config, there are no limits on what can be configured and the existing jaas login.config confirmation format does not need to be replicated in a CR.
All of the available login modules can be configured in this way.
There is one potential catch, the operator still needs to securely access the broker, so it needs an identity in user provided configuration if the login is required.
- depends on
-
ENTMQBR-6980 properties config - allow role configuration
-
- Closed
-
-
-
- Closed
-
- incorporates
-
-
- Closed
-
-
-
- Closed
-
-
-
- Closed
-
-
-
- Closed
-
- is related to
-
-
- Closed
-
-
-
- Closed
-
-
-
- Closed
-
