Chapter 6. Securing ActiveMQ

 

This chapter covers

  • How to use authentication in ActiveMQ
  • How to use authorization in ActiveMQ
  • How to create a custom security plug-in for ActiveMQ
  • Using certificate-based security with ActiveMQ

Securing access to the message broker and its destinations is a common concern. For this reason, ActiveMQ provides a flexible and customizable security model that can be adapted to the security mechanisms used in your environment.

Before we begin our discussion about security with ActiveMQ, a brief review of some basic terms related to security and how they fit into the ActiveMQ security model is in order.

Authentication is the process used to verify the integrity of an entity or a user that’s requesting access to a secured resource. Some common forms of authentication include plain-text passwords, one-time password devices, smart cards, or Kerberos, just to name a few. ActiveMQ provides simple authentication and JAAS (Java Authentication and Authorization Service) authentication, as well as an API for writing custom authentication plug-ins. Upon successful authentication, access to the system is granted, but access to perform operations using the system resources may require specific authorization.

6.1. Authentication

6.2. Authorization

6.3. Building a custom security plug-in

6.4. Certificate-based security

6.5. Summary