1 of 1 people found this helpful
I know JMS specification doesn't provide such authentication only user/password authentication should be used.
But once the ssl connection is established I really need to identify producer according to its certificate for each message (using a core bridge between servers) .
So is there any workaround to do such a thing ?
The SSL authentication is taken care of by Netty, our transport layer so no, currently this is not possible as we only handle the unencrypted data. Saying that Netty does expose some functionality to access the SSL Engine used so maybe this is something we could add. Feel free to eaise a JIRA although its unlikely to be high on our list of todo's. you could have a go at im-lementing this yourself, we are always happy to receive community contributions.
I tried using HornetQInterceptor but no luck.
Also a sub-question would be why NettyConnection.getDefaltHornetQPrincipal() isn't allowed.
This is not really for SSL, its used by wildfly so it can allow invm connections without security.
If there is no workaround I'll be happy to purpose some patch.
I'll think about it and open a Jira then.