Hi Scott- Got it, makes sense. Please open a JIRA for the request: https://issues.apache.org/jira/
We’ll be doing roadmap and planning for the next round of release once 6.0.0 is out. Thanks, Matt Pavlovich > On Oct 31, 2023, at 4:22 PM, SCOTT FIELDS <scott.fie...@kyndryl.com.INVALID> > wrote: > > Yes, using certificate based authentication/authorization is a secondary > approved method if OIDC isn't supported for this customer. > > But...I wanted to pursue the OIDC mechanism, since that's the customer's > primary solution. > > -----Original Message----- > From: Matt Pavlovich <mattr...@gmail.com> > Sent: Tuesday, October 31, 2023 3:19 PM > To: users@activemq.apache.org > Subject: [EXTERNAL] Re: Native Oauth/OIDC integration in ActiveMQ > > Hi Scott- > > There is interest in adding this to Apache ActiveMQ. A DRAFT RP was started > using JWT: > > https://github.com/apache/activemq/pull/1035 > > In general, using OAuth/OIDC may not be desirable as having background > threads refreshing tokens can have negative side effects. The OAuth2 "AppAuth > pattern" is something else to look into. > > Have you considered two-way SSL authentication? Stronger security, with > expiry and revocation support. > > Thanks, > Matt Pavlovich > >> On Oct 31, 2023, at 2:17 PM, SCOTT FIELDS <scott.fie...@kyndryl.com.INVALID> >> wrote: >> >> To my knowledge, there is no native ActiveMQ integration for >> Authorization/Authentication via Oauth/OIDC. >> >> Is there any plan, if not, to include this, besides requiring an external >> JAAS method provided either by an external vendor or require a custom coding >> front-end from the end-use provider? >> >> If not, what's the best way to request this? >> >> Scott Fields >> Kyndryl >> Senior Lead SRE - BNSF >> 817-593-5038 (BNSF) >> scott.fie...@kyndryl.com<mailto:scott.fie...@kyndryl.com> >> scott.fie...@bnsf.com<mailto:scott.fie...@bnsf.com> >> >
