[prev in list] [next in list] [prev in thread] [next in thread] 

List:       activemq-users
Subject:    Re: Can I connect to a vm URL without a password?
From:       Tim Bain <tbain () alumni ! duke ! edu>
Date:       2018-03-29 18:11:49
Message-ID: CAPVVMa89=Zo+=ZYLux+7ov7riQbS=snsqKA_CKsqeg-FK9wcxQ () mail ! gmail ! com
[Download RAW message or body]


Thanks for creating the request; what you did sounds fine.

Tim

On Thu, Mar 29, 2018, 11:31 AM Quinn Stevenson <quinn@pronoia-solutions.com>
wrote:

> Thanks for all your help Tim.
>
> I created https://issues.apache.org/jira/browse/AMQ-6941 <
> https://issues.apache.org/jira/browse/AMQ-6941> for this request, and I
> put a link to the example implementation in the JIRA rather than the
> source.  I did it that way because the jar with the plugin is in Maven
> Central, and the source can be found on Github.
>
> I'll be moving this customer to Artemis in the near future - I guess I'll
> have to look at doing the same thing in Artemis.
>
> Thanks Again
>
>
> > On Mar 27, 2018, at 7:12 AM, Tim Bain <tbain@alumni.duke.edu> wrote:
> >
> > Quinn,
> >
> > Great, I'm glad you got it working.
> >
> > Yes, I think there would be benefit to having this capability. However,
> I'm
> > not sure if what you've implemented is the ideal implementation from a
> > long-term maintenance standpoint (I suspect that we'd want to fold it
> into
> > the Simple Authentication Plugin, with configuration options to turn it
> on
> > and off and possibly a way to specify the set of protocols that do not
> > require authentication), so I suggest you create an enhancement request
> in
> > JIRA and attach your implementation to it. Whoever implements the
> > enhancement request can use the core of your code and wrap the
> appropriate
> > options around it in the Simple Authentication Plugin (or wherever else),
> > and anyone who wants the capability before it gets implemented officially
> > can grab your plugin file off of the enhancement request.
> >
> > Tim
> >
> > On Mon, Mar 26, 2018, 9:48 PM Quinn Stevenson <
> quinn@pronoia-solutions.com>
> > wrote:
> >
> >> Thanks Tim - I think I've got one working now.
> >>
> >> I wound up casting the result of getConnector() to TransportConnector
> and
> >> then calling getName() - it looks like it has what I need.
> >>
> >> I've got a version running locally now, and it seems to be doing what
> I'm
> >> after.  Thanks for all of your help.
> >>
> >> BTW - let me know if you think this is something the community would
> like
> >> and I'll put together a PR for it.
> >>
> >> Thanks Again
> >> Quinn
> >>
> >>> On Mar 25, 2018, at 11:11 PM, Tim Bain <tbain@alumni.duke.edu> wrote:
> >>>
> >>> Quinn,
> >>>
> >>> I think you should be able to access the URI to which the connection is
> >>> bound by calling
> >>>
> ((TransportConnector)context.getConnector()).getServer().getConnectURI(),
> >>> and then you can parse the protocol out of it. But it's not something
> >> I've
> >>> personally done and I don't have time to try it right now, so this is
> >>> purely conjecture based on the documentation plus reading the code. So
> if
> >>> that doesn't work, I apologize, but let me know how it blows up and I
> can
> >>> try to help further.
> >>>
> >>> Tim
> >>>
> >>> On Thu, Mar 22, 2018 at 10:22 AM, Quinn Stevenson <
> >>> quinn@pronoia-solutions.com> wrote:
> >>>
> >>>> Thank you Tim -
> >>>>
> >>>> I was afraid you were going to say that :-)
> >>>>
> >>>> I was looking at the SimpleAuthenticationPlugin /
> >>>> SimpleAuthenticationBroker, and I have an idea how to do this.  The
> one
> >>>> thing I'm not sure about is how I can tell when the connection is
> coming
> >>>> via a VM URL - do you have any hints on that?
> >>>>
> >>>>
> >>>>> On Mar 21, 2018, at 7:21 PM, Tim Bain <tbain@alumni.duke.edu> wrote:
> >>>>>
> >>>>> I'm not sure there's a built-in way to do this without writing any
> >> code,
> >>>>> but you should be able to write a simple security plugin that allows
> >> you
> >>>> to
> >>>>> allow or deny connections based on their transport and whether they
> are
> >>>>> anonymous. The bottom of http://activemq.apache.org/security.html
> has
> >>>>> details about how to get started.
> >>>>>
> >>>>> Tim
> >>>>>
> >>>>> On Wed, Mar 21, 2018, 6:08 PM Quinn Stevenson <
> >>>> quinn@pronoia-solutions.com>
> >>>>> wrote:
> >>>>>
> >>>>>> I have several components running inside the same JVM as ActiveMQ,
> and
> >>>>>> they connect to the broker using a vm URL.  Guest access to the
> broker
> >>>> has
> >>>>>> been disabled for security reasons, but I'd like the embedded
> >>>> components to
> >>>>>> be able to connect to the broker without a username or password.
> >>>>>>
> >>>>>> Is there a way to configure ActiveMQ to allow anonymous/guest access
> >> for
> >>>>>> VM connections only?
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>
> >>>>
> >>
> >>
>
>


[prev in list] [next in list] [prev in thread] [next in thread]