ActiveMQ Artemis has message-level authorization for consumption. This is implemented via a broker plugin [1], specifically:
org.apache.activemq.artemis.core.server.plugin.ActiveMQServerMessagePlugin#canAccept We actually ship a simple implementation of this plugin which is documented here [2]. The code is available here [3] which you can copy and modify for your own implementation. The APIs are pretty straight-forward, but certainly let us know if you have any questions. Justin [1] https://activemq.apache.org/components/artemis/documentation/latest/broker-plugins.html#plugin-support [2] https://activemq.apache.org/components/artemis/documentation/latest/broker-plugins.html#using-the-brokermessageauthorizationplugin [3] https://github.com/apache/activemq-artemis/blob/main/artemis-server/src/main/java/org/apache/activemq/artemis/core/server/plugin/impl/BrokerMessageAuthorizationPlugin.java On Fri, May 10, 2024 at 9:25 AM Daniel Martín Anido <danielman...@gmail.com> wrote: > Oops, I should have mentioned I'm using ActiveMQ Artemis. > > On Fri, 10 May 2024 at 16:03, Matt Pavlovich <mattr...@gmail.com> wrote: > > > Hi Daniel- > > > > ActiveMQ supports a Message Level Security for custom handling for > > message-level-security: > > > > https://activemq.apache.org/components/classic/documentation/security > > > > Keep in mind this pattern is effectively a queue-in-a-queue. Users > > generally see better results when those messages are filtered to > _separate_ > > queues and permissions handled there vs trying to sub-divide a single > > shared queue. > > > > Thanks, > > Matt Pavlovich > > > > > On May 10, 2024, at 8:47 AM, Daniel Martín Anido < > danielman...@gmail.com> > > wrote: > > > > > > Hi there! > > > > > > I'm trying to let external users access my broker. Messages contain a > > > property guiding which users should be allowed to read them, set via > > > TextMessage.setStringProperty("type", > > > "..."). I was wondering how can I configure ActiveMQ such that the > value > > of > > > the "type" property is used to determine which users can access which > > > messages. > > > > > > For example, is it possible to have a <filter> element or attribute > > within > > > the <security-setting> or <permission> elements? > > > > > > Thanks, > > > Daniel > > > > >
