ActiveMQ security plugin based on relational database

Question

Is there any open-source security plugin for ActiveMQ to be able to provide dynamically reconfigurable authentication and authorization (A&A) security services based on a relational database (DB)? Basically, I have a large number of users and topics, which I cannot handle them using a simple .xml file. Moreover, the access rights are changing continuously during runtime (actually the users themselves give permissions to other users to be able to subscribe to their topic) so I cannot interfere in the system to apply the new changes.

Answer 1

I'm no expert in ActiveMQ, but I'm one of the developers of the HiveMQ MQTT broker, which is also written in Java. We have an OpenSource Plugin SDK, which allows to customize the authentication of clients and the authorization of clients to publish/subscribe to the broker. You can use a relational database or any other kind of service that is accessable from within Java to determine if a certain client is allowed to publish or subscribe to a topic. Clients can be restricted by topic, activity (publish/subscribe) and QoS.

More information how it works can be found in the HiveMQ Plugin developers guide [1] [2].

Cheers, Chris

[1] http://www.hivemq.com/docs/plugins/1.4.0/#auth-permission-chapter

[2] http://www.hivemq.com/docs/plugins/1.4.0/#client-authorization-chapter