I don't think Artemis supports the functionality you're looking for. Roles come from whatever JAAS login module you're using. There's no way to lump users into an arbitrary role.
You can arbitrarily map one role to another using the <role-mapping> in <security-settings>, but that doesn't sound like what you're looking for. Justin On Wed, Nov 8, 2017 at 4:08 AM, ben <benjamin.buehlm...@gmail.com> wrote: > I successfully configured the integration of ActiveMQ Artemis 2.4 with an > ActiveDirectory used just for authentication of the users. Integration is > done over JAAS with the > org.apache.activemq.artemis.spi.core.security.jaas.LDAPLoginModule. > > Now I would like to restrict access to the queues for the users looked up > in > the AD. But there will be no groups in the AD we can use for authorization > and changes in the AD are not possible. > > What is the simplest way in ActiveMQ Artemis to protect queues for a list > uf > users? > > In Wildfly / EAP 7 we use as a workaround a local mapping file that defines > a mapping between users looked up in the AD to local roles. > > > > -- > Sent from: http://activemq.2283324.n4.nabble.com/ActiveMQ-User- > f2341805.html >
