Chapter 6. Securing ActiveMQ
This chapter covers
Securing access to the message broker and its destinations is a common concern. For this reason, ActiveMQ provides a flexible and customizable security model that can be adapted to the security mechanisms used in your environment.
Before we begin our discussion about security with ActiveMQ, a brief review of some basic terms related to security and how they fit into the ActiveMQ security model is in order.
Authentication is the process used to verify the integrity of an entity or a user that’s requesting access to a secured resource. Some common forms of authentication include plain-text passwords, one-time password devices, smart cards, or Kerberos, just to name a few. ActiveMQ provides simple authentication and JAAS (Java Authentication and Authorization Service) authentication, as well as an API for writing custom authentication plug-ins. Upon successful authentication, access to the system is granted, but access to perform operations using the system resources may require specific authorization.