qpid-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Aidan Skinner" <ai...@apache.org>
Subject Re: Java broker + management console JMX authentication
Date Thu, 04 Dec 2008 14:51:24 GMT
On Wed, Dec 3, 2008 at 1:41 PM, Martin Ritchie <ritchiem@apache.org> wrote:

> From a brief look at the JMXRemote specification
> (http://www.ece.uic.edu/~cpress/jmx/jmx_remote-1_0-fr-specJSR-000160.pdf)
> my favoured approach would be to see what MX4J has to offer but we
> should look do some form of protocol negotiation. So we can more
> easily decide what authentication we wish to perform over the

I feel quite strongly that whatever we choose to do is a) secure and
b) transparent to the user. They shouldn't care about things like
password file format on the broker, this is clearly insane.

I would like to see a solution using SASL that allows/requires us to
connect over SSL. SSL + either SASL/PLAIN or x509 certificate
verification would be my ideal.

- Aidan
-- 
Apache Qpid - World Domination through Advanced Message Queueing
http://cwiki.apache.org/qpid
"Have we anything resembling a plan?" "Mm-hm. Ride till we find
them... and kill them all." - The 13th Warrior

Mime
View raw message