Hi Villus,
you can create an acceptor that allows only connections from specific users
by setting a per-acceptor security domain[1] and a connection router[2] to
reject connections with a source IP address that doesn't match your filter,
i.e.
<connection-router name="privileged-ip-filter">
<key-type>SOURCE_IP</key-type>
<local-target-filter>^192\.168\.10\.1|192\.168\.10\.2$</local-target-filter>
</connection-router>
[1]
https://activemq.apache.org/components/artemis/documentation/latest/security.html#per-acceptor-security-domains
[2]
https://activemq.apache.org/components/artemis/documentation/latest/connection-routers.html#connection-routers
Regards,
Domenico
On Tue, 15 Apr 2025 at 22:24, Vilius Šumskas
<[email protected]> wrote:
> Hi,
>
> is there a way to somehow limit which IP Artemis user is allowed to
> connect from? We had instances where privileged user dedicated to internal
> usage only was used in externalized Java services. I want to protect these
> users from being used where they should not be.
>
> --
> Best Regards,
> Vilius
>
>
