Authentication over Kerberos in ActiveMQ (embedded in Spring Boot) - authentication

I'm looking for a solution from title.
I have ActiveMQ broker embedded in Spring Boot application.
What I want to do is to authenticate some domain technical users (dedicated for some applications) over Kerberos. I know there is solution for LDAP authentication but I need Kerberos authentication.
Is there any possibility to do so?
Is there any possibility to do so using spring-security?
Could you explain how to do this?
I'm actualy stuck on this.
Thanks for all your answers!

Related

Does ActiveMQ support NTLM authentication?

New to ActiveMQ and didn’t find any information whether ActiveMQ supports NTLM authentication or not by explicitly searching for documentation related to configuring it to use NTLM.
Could anyone please advise where I can find any information about supported authentication types by ActiveMQ?
ActiveMQ does not support NTLM out of the box. However, ActiveMQ integrates with JAAS and supports pluggable login modules so you could theoretically still get the support you need.

Implementing PicketLink as iDP in Weblogic

Excuse my ignorance but can PicketLink be implemented as an IDP within weblogic?
I am looking to create a light weight IDP Proxy to be able to accept SAML requests and issue SAML Assertions based on simple authentication handled elsewhere so not looking for anything that provides too much.
I wondered if picketlink offered a simple API to do this and whether it would work on a welbogic domain.
Weblogic has its own, built-in SAML implementation that is tightly integrated with the rest of their platform. It is fully configurable from their admin console. Use that instead of PicketLink.
http://docs.oracle.com/cd/E28280_01/web.1111/e13707/saml.htm#SECMG252

Using weblogic Authorization without authentication

I have implemented OAM SSO Authentication for my web application deployed on weblogic. Now i want use weblogic embedded LDAP to provide app level authorization. I dont want to use the weblogic authentication, just the authorization since i already have authentication handled by OAM. Is that possible? Can someone please point me to any examples, tutorials, or ideas to achieve this?
Depending on your OAM version, you need to add a OAMIdentityAsserter Provider in your WLS domain. I say depending on your OAM verison, because you need to tell it which type of cookies to use.
OAM Admin guide will tell you how to do this.

Secure authentication in jboss portal

I am developing a Portal application and using jboss portal for this purpose. My current application authenticates the user from jboss DB, using the j_security_check servlet with username and password as POST parameters.
Now, if I use firebug or any HTTP monitor, then I can see the username and password, which is a security issue.
What is the better and secure way of authentication in jboss?
Securing web applications is a vast subject. It entirely depends on your needs.
From your post, what you want (to start with) is a secure communication. You can use SSL with JBoss to ensure a secure channel. I recommend you to take a look at the JBoss security documentation. I am sure you will have more concrete doubts / concerns when you start working with it - then we will try to help :)
I found a very good source of JBoss information JBoss in Action. It refers to JBoss 5 so many areas might be outdated, but other would still apply. I am using JBoss 6 and has been of great help.

Glassfish Custom Authentication Module?

I know glassfish can authenticate against an LDAP server, I also know it can authenticate against my own database. What I would like to do is authenticate users against LDAP, but get their roles from my own database.
Where would I start learning how to create my own custom authentication module?
HERE is the step-by-step instructions of how to do this.
See the Glassfish security FAQ, specifically "How do I write/configure my own login module and plug it into GlassFish?"
and this sun document