Commit Graph

216 Commits

Author SHA1 Message Date
gtully d71d54b38a ARTEMIS-3168 - add example using authentication delegation to keycloak, principal conversion for jms clients and oath for the web cosole 2021-03-23 09:51:50 +00:00
Clebert Suconic 21ee5985ea [maven-release-plugin] prepare for next development iteration 2021-02-11 12:00:04 -05:00
Clebert Suconic 36a771150b [maven-release-plugin] prepare release 2.17.0 2021-02-11 11:59:51 -05:00
Justin Bertram 077087571f ARTEMIS-2943 fix static selector example
The static-selector example was using a multicast queue instead of an
anycast queue which meant that the consumer never actually received any
of the messages. Furthermore, it wasn't actually verifying that it
received the proper messages so there was no failure. This commit
resolves these issues.
2021-02-10 19:26:00 -05:00
Clebert Suconic c0867f0361 [maven-release-plugin] prepare for next development iteration 2021-02-09 12:12:48 -05:00
Clebert Suconic 9b473698e0 [maven-release-plugin] prepare release 2.17.0 2021-02-09 12:12:35 -05:00
Clebert Suconic 6ed1e4c87d [maven-release-plugin] prepare for next development iteration 2021-02-08 15:56:31 -05:00
Clebert Suconic 06b29806ca [maven-release-plugin] prepare release 2.17.0 2021-02-08 15:56:18 -05:00
Ryan Yeats 86a2cad12a ARTEMIS-1884 add plugin API for message level authorization policies 2021-01-25 13:44:36 -06:00
Urs Roesch f491651fdb NO-JIRA: remove duplicate consecutive words
Removes duplicate consecutives words from markdown
documentation files.
2020-11-16 15:19:29 -06:00
Clebert Suconic 4e7bb97df7 [maven-release-plugin] prepare for next development iteration 2020-11-02 17:45:51 -05:00
Clebert Suconic 9768017530 [maven-release-plugin] prepare release 2.16.0 2020-11-02 17:45:38 -05:00
Clebert Suconic 28919b6ad8 [maven-release-plugin] prepare for next development iteration 2020-10-30 10:16:29 -04:00
Clebert Suconic af5ca9f1e6 [maven-release-plugin] prepare release 2.16.0 2020-10-30 10:16:17 -04:00
gtully 583bd3602a ARTEMIS-2888 ARTEMIS-2859 ARTEMIS-2768 - revert new page-store-name addressSetting, when the page store respects the target address and the size is tallied on the target address store, it is no longer neecessary 2020-10-19 14:04:35 +01:00
gtully fa04881c6f ARTEMIS-2888 ARTEMIS-2859 ARTEMIS-2768 - new page-store-name addressSetting to allow wildcard subscriptions share a single page store 2020-09-24 09:39:31 +01:00
Justin Bertram cf92c16339 ARTEMIS-2886 put address/FQQN into new security manager interface
The default JAAS security manager doesn't need the address/FQQN for
authorization, but I'm putting it back into the interface because there
are other use cases which *do* need it.
2020-09-14 15:35:24 -04:00
Justin Bertram 90853409a0 ARTEMIS-2886 optimize security auth
Both authentication and authorization will hit the underlying security
repository (e.g. files, LDAP, etc.). For example, creating a JMS
connection and a consumer will result in 2 hits with the *same*
authentication request. This can cause unwanted (and unnecessary)
resource utilization, especially in the case of networked configuration
like LDAP.

There is already a rudimentary cache for authorization, but it is
cleared *totally* every 10 seconds by default (controlled via the
security-invalidation-interval setting), and it must be populated
initially which still results in duplicate auth requests.

This commit optimizes authentication and authorization via the following
changes:

 - Replace our home-grown cache with Google Guava's cache. This provides
simple caching with both time-based and size-based LRU eviction. See more
at https://github.com/google/guava/wiki/CachesExplained. I also thought
about using Caffeine, but we already have a dependency on Guava and the
cache implementions look to be negligibly different for this use-case.
 - Add caching for authentication. Both successful and unsuccessful
authentication attempts will be cached to spare the underlying security
repository as much as possible. Authenticated Subjects will be cached
and re-used whenever possible.
 - Authorization will used Subjects cached during authentication. If the
required Subject is not in the cache it will be fetched from the
underlying security repo.
 - Caching can be disabled by setting the security-invalidation-interval
to 0.
 - Cache sizes are configurable.
 - Management operations exist to inspect cache sizes at runtime.
2020-08-26 13:36:24 -05:00
Domenico Francesco Bruscino 32bf9680f2 [maven-release-plugin] prepare for next development iteration 2020-08-24 16:03:24 +02:00
Domenico Francesco Bruscino a549fcedde [maven-release-plugin] prepare release 2.15.0 2020-08-24 16:03:12 +02:00
Clebert Suconic 6690ba1d24 [maven-release-plugin] prepare for next development iteration 2020-07-09 12:49:08 -04:00
Clebert Suconic a76f41a7ed [maven-release-plugin] prepare release 2.14.0 2020-07-09 12:48:54 -04:00
Clebert Suconic 6254a70ddc NO-JIRA Fixing some javadoc statements 2020-07-09 12:23:46 -04:00
brusdev a8c278a80e ARTEMIS-2790 Fix no examples documentation in the bin archive
Move the markdown generator for the examples to artemis-distribution.
2020-06-04 10:15:10 -04:00
Clebert Suconic faa83b2ba6 [maven-release-plugin] prepare for next development iteration 2020-05-16 18:38:47 -04:00
Clebert Suconic 5f49d89264 [maven-release-plugin] prepare release 2.13.0 2020-05-16 18:38:34 -04:00
Clebert Suconic c99fcd501b [maven-release-plugin] prepare for next development iteration 2020-05-15 16:42:54 -04:00
Clebert Suconic 47fafac760 [maven-release-plugin] prepare release 2.13.0 2020-05-15 16:42:41 -04:00
Andy Taylor 8a04ee07de ARTEMIS-2648 - audit logging improvements
https://issues.apache.org/jira/browse/ARTEMIS-2648
2020-05-04 15:19:08 +01:00
Justin Bertram 6709883d0e ARTEMIS-2738 implement per-acceptor security domains 2020-04-28 21:45:38 -04:00
Clebert Suconic 11a3e810bb [maven-release-plugin] prepare for next development iteration 2020-04-21 17:06:21 -04:00
Clebert Suconic 30272e0c2f [maven-release-plugin] prepare release 2.12.0 2020-04-21 17:06:08 -04:00
Clebert Suconic d231e2ac63 [maven-release-plugin] prepare for next development iteration 2020-04-16 16:16:41 -04:00
Clebert Suconic 9636f4a3b0 [maven-release-plugin] prepare release 2.12.0 2020-04-16 16:16:28 -04:00
Justin Bertram 72f5a1f5bc NO-JIRA fix up docs for security-ldap example 2020-02-24 13:32:02 -06:00
Justin Bertram 97735ca72c [maven-release-plugin] prepare for next development iteration 2020-01-10 09:00:58 -06:00
Justin Bertram 25a947f6cb [maven-release-plugin] prepare release 2.11.0 2020-01-10 08:57:46 -06:00
Justin Bertram 81c83e05fa NO-JIRA regenerate expired SSL test resources 2020-01-08 14:09:33 +08:00
Justin Bertram fd6a98a4f8 ARTEMIS-2574 fix example 2019-12-16 10:12:24 -06:00
Justin Bertram c06404406c ARTEMIS-2574 allow security manager config via XML
The test-suite has long used the broker's ability to configure the
security manager. This commit implements this functionality via XML
configuration.
2019-12-12 15:48:43 -05:00
Clebert Suconic 91f4d0a633 [maven-release-plugin] prepare for next development iteration 2019-09-23 11:19:54 -04:00
Clebert Suconic 86a975fdad [maven-release-plugin] prepare release 2.10.1 2019-09-23 11:19:42 -04:00
Clebert Suconic 5016f69daa [maven-release-plugin] prepare for next development iteration 2019-08-26 10:42:13 -04:00
Clebert Suconic f092d5396a [maven-release-plugin] prepare release 2.10.0 2019-08-26 10:42:01 -04:00
Justin Bertram d92c9bbf1f NO-JIRA a few example updates 2019-06-20 11:42:00 -04:00
Justin Bertram dbb2b54fa7 [maven-release-plugin] prepare for next development iteration 2019-05-29 22:02:00 -05:00
Justin Bertram 88c686cc99 [maven-release-plugin] prepare release 2.9.0 2019-05-29 21:59:18 -05:00
Clebert Suconic 2ae732cfc8 [maven-release-plugin] prepare for next development iteration 2019-05-16 09:58:27 -04:00
Clebert Suconic 481b9824a8 [maven-release-plugin] prepare release 2.8.1 2019-05-16 09:58:15 -04:00
Clebert Suconic 56152a9e7c [maven-release-plugin] prepare for next development iteration 2019-05-02 16:39:10 -04:00