ActiveMix - JAAS

JASS LoginModule(s) using JWT tokens

License

License

Categories

Categories

JAAS: Jakarta Authentication & Jakarta Authorization Jakarta EE Jakarta Security
GroupId

GroupId

org.apifocal.activemix.jaas
ArtifactId

ArtifactId

activemix-jaas
Last Version

Last Version

1.0.0.rc1
Release Date

Release Date

Type

Type

pom
Description

Description

ActiveMix - JAAS
JASS LoginModule(s) using JWT tokens
Project Organization

Project Organization

apifocal

Download activemix-jaas

How to add to project

<!-- https://jarcasting.com/artifacts/org.apifocal.activemix.jaas/activemix-jaas/ -->
<dependency>
    <groupId>org.apifocal.activemix.jaas</groupId>
    <artifactId>activemix-jaas</artifactId>
    <version>1.0.0.rc1</version>
    <type>pom</type>
</dependency>
// https://jarcasting.com/artifacts/org.apifocal.activemix.jaas/activemix-jaas/
implementation 'org.apifocal.activemix.jaas:activemix-jaas:1.0.0.rc1'
// https://jarcasting.com/artifacts/org.apifocal.activemix.jaas/activemix-jaas/
implementation ("org.apifocal.activemix.jaas:activemix-jaas:1.0.0.rc1")
'org.apifocal.activemix.jaas:activemix-jaas:pom:1.0.0.rc1'
<dependency org="org.apifocal.activemix.jaas" name="activemix-jaas" rev="1.0.0.rc1">
  <artifact name="activemix-jaas" type="pom" />
</dependency>
@Grapes(
@Grab(group='org.apifocal.activemix.jaas', module='activemix-jaas', version='1.0.0.rc1')
)
libraryDependencies += "org.apifocal.activemix.jaas" % "activemix-jaas" % "1.0.0.rc1"
[org.apifocal.activemix.jaas/activemix-jaas "1.0.0.rc1"]

Dependencies

There are no dependencies for this project. It is a standalone project that does not depend on any other jars.

Project Modules

  • activemix-auth-token
  • activemix-auth-token-spring

activemix

Governance Tools for Messaging Systems based on Apache ActiveMQ 5.x

Security

ActiveMQ security tests use the common naming convention for security personas.

NOTE:

Using JWT

Generate a SSH KeyPair as below. One could use a passphrase to protect the private key, but the TokenLoginModule only supports unprotected private keys (empty passphrase) for now. Tests that use password protected keys should use the Carol user that, in our convention, always uses protected keys and the password is 'secret'.

$ ssh-keygen -t rsa -b 4096 -C "[email protected]"
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/hadrian/.ssh/id_rsa): ./id_rsa-carol
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in ./id_rsa-carol.
Your public key has been saved in ./id_rsa-carol.pub.
The key fingerprint is:
SHA256:jnbnEbeCyhrf1PYTpu8VAfCviEcD+T8a7sI36zpfDzQ [email protected]
The key's randomart image is:
+---[RSA 4096]----+
|          ...    |
|         . . .   |
|        o   . .  |
|         o   . . |
|        S = E o  |
|       o = Bo+ . |
|    . o.* XoB..  |
|     = =+*+B.=   |
|    ..+ oOO=+..  |
+----[SHA256]-----+

Generating Tokens

TBD

org.apifocal.activemix.jaas

Versions

Version
1.0.0.rc1