Can anybody clarify the use-case for this? What messaging protocols are in view here? I'd love to understand more. Thanks!
Justin On Wed, Nov 1, 2023 at 12:27 PM Matt Pavlovich <mattr...@gmail.com> wrote: > Hi Scott- > > Got it, makes sense. Please open a JIRA for the request: > https://issues.apache.org/jira/ > > We’ll be doing roadmap and planning for the next round of release once > 6.0.0 is out. > > Thanks, > Matt Pavlovich > > > On Oct 31, 2023, at 4:22 PM, SCOTT FIELDS <scott.fie...@kyndryl.com.INVALID> > wrote: > > > > Yes, using certificate based authentication/authorization is a secondary > approved method if OIDC isn't supported for this customer. > > > > But...I wanted to pursue the OIDC mechanism, since that's the customer's > primary solution. > > > > -----Original Message----- > > From: Matt Pavlovich <mattr...@gmail.com> > > Sent: Tuesday, October 31, 2023 3:19 PM > > To: users@activemq.apache.org > > Subject: [EXTERNAL] Re: Native Oauth/OIDC integration in ActiveMQ > > > > Hi Scott- > > > > There is interest in adding this to Apache ActiveMQ. A DRAFT RP was > started using JWT: > > > > https://github.com/apache/activemq/pull/1035 > > > > In general, using OAuth/OIDC may not be desirable as having background > threads refreshing tokens can have negative side effects. The OAuth2 > "AppAuth pattern" is something else to look into. > > > > Have you considered two-way SSL authentication? Stronger security, with > expiry and revocation support. > > > > Thanks, > > Matt Pavlovich > > > >> On Oct 31, 2023, at 2:17 PM, SCOTT FIELDS > >> <scott.fie...@kyndryl.com.INVALID> > wrote: > >> > >> To my knowledge, there is no native ActiveMQ integration for > Authorization/Authentication via Oauth/OIDC. > >> > >> Is there any plan, if not, to include this, besides requiring an > external JAAS method provided either by an external vendor or require a > custom coding front-end from the end-use provider? > >> > >> If not, what's the best way to request this? > >> > >> Scott Fields > >> Kyndryl > >> Senior Lead SRE - BNSF > >> 817-593-5038 (BNSF) > >> scott.fie...@kyndryl.com<mailto:scott.fie...@kyndryl.com> > >> scott.fie...@bnsf.com<mailto:scott.fie...@bnsf.com> > >> > > > >