Out of the box, ActiveMQ provides a modest authentication service via the simpleAuthenticationPlugin. See http://activemq.apache.org/security.html . When enabled it will force the clients to provide a valid userid and passwd in order to successfully connect with the broker. It won't prevent a DOS attack, but at least it will keep just anyone from gaining access to the broker.
Ramsub wrote: > > Is that activemq intended to be running within an enterprise firewall? My > application is expected to run in a box which will be connected to > internet. In this case, running the broker listening on tcp://localhost is > risky because anyone out in the internet could potentially make DOS kind > of attacks. > > Is there a way we can restrict the broker to provide access only to > certain trusted clients( like an ACL)? Or should I rely on the network to > provide such a security. > > Would appreciate a response from architects/experts. > > Thanks, > > -rama > > > -- View this message in context: http://www.nabble.com/Security-Issue-tf4484529s2354.html#a12789837 Sent from the ActiveMQ - User mailing list archive at Nabble.com.
