JMS / MQ confidentiality between clients

Published 2024-09-13 15:51:03


I'm designing a system where one server must send messages to lots of independent clients. The clients don't know about each other and should not be able to consume, peek at, or in any other way acquire knowledge about each other's messages.

I therefore wonder whether JMS / ActiveMQ has the ability to control which clients get which messages.

I want all the clients to connect to the same JMS provider (the 'destination') and consume only the messages meant for them. This would be a simple setup from the server's point of view.

An alternative would be to acquire web service endpoints from all the clients and perform WS calls every time the server has a message for a client. I think this alternative sounds 'wrong', as I think WS calls are bloated. There is a great overhead for each WS call, and this server would have to make thousands of calls each day. In my opinion this would be suboptimal for the server...


Comments (1)

绝情姑娘 2024-09-20 15:51:03


Short answer: use a message selector.

Detailed answer:
The question doesn't mention how the conversation is initiated, so here are my answers for both scenarios.

a) If the client initiates the conversation (i.e. the client sends a message to the server and waits for a reply).

This is a request/reply scenario. Messaging/JMS is a decoupled communication system, but request/reply is a common pattern in JMS. It can be implemented using the correlation pattern.

  • A unique identifier (correlation id) is sent as part of the request message.
  • The server receives the message and sets the correlation id in the reply message.
  • The client uses a message selector to receive the message with the correct correlation id.

b) If the server initiates the conversation (i.e. the server sends messages to the clients without a client request).

In this case, a similar approach can be used.

  • A fixed client id is assigned to each client.
  • The server maintains all client ids and sets the recipient's client id as the correlation id of the message.
  • The client uses a message selector to receive the messages whose correlation id equals its client id.

Update about confidentiality.

The following info, extracted from this link, is useful for understanding JMS security.

JMS does not specify a security contract or an API for controlling message confidentiality and integrity. Security is considered to be a JMS-provider-specific feature. It is controlled by a System Administrator rather than implemented programmatically or by the J2EE server runtime.

Two major features of JMS security are authentication and authorization. To my knowledge, JMS security for client access focuses on protecting the JMS destinations (not the individual messages). As long as a client has access to a destination, the security role assigned to the client applies to all the messages belonging to that destination.

Based on this:

Solution 1: If the client code is controlled by a trusted party.

Follow the solutions in my original answer.
This will make sure the message is delivered to the right person, but it will not protect anything if the client code is purposely modified to receive all messages.

Solution 2: Assign a private destination and user account to each client, and configure security such that a client's user account can access only its own destination.

Note: I found a link about "Restrictions for message selectors to provide message-level authorization", but I think it is a vendor-specific custom feature.

Hope this will be helpful.
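The two solutions from the answer above, side by side, as an added example that is not part of the original post or of the ActiveMQ project. It assumes an ActiveMQ 5.x broker reachable at the hypothetical BROKER_URL with the activemq-client jar on the classpath; the queue names, user names and passwords are placeholders. Solution 1 puts every client on one shared queue and relies on a JMSCorrelationID selector that the client process itself chooses; Solution 2 gives each client its own queue and leaves the isolation to the broker's authorization configuration, so a modified client gains nothing.

```java
// Added example (not from the original post): correlation-id selectors (Solution 1)
// versus per-client destinations with broker-side authorization (Solution 2).
import javax.jms.Connection;
import javax.jms.ConnectionFactory;
import javax.jms.Destination;
import javax.jms.JMSException;
import javax.jms.Message;
import javax.jms.MessageConsumer;
import javax.jms.MessageProducer;
import javax.jms.Session;
import javax.jms.TextMessage;
import org.apache.activemq.ActiveMQConnectionFactory;

public class JmsClientIsolation {
    static final String BROKER_URL = "tcp://localhost:61616";   // hypothetical broker
    static final String SHARED_QUEUE = "clients.outbound";       // hypothetical shared queue

    /** Reject ids that could break out of the single-quoted selector literal. */
    static String checkedClientId(String clientId) {
        if (!clientId.matches("[A-Za-z0-9_-]+")) {
            throw new IllegalArgumentException("client id contains characters not allowed in a selector literal");
        }
        return clientId;
    }

    /** Solution 1, server side: one shared queue, recipient carried in JMSCorrelationID. */
    static void sendWithCorrelationId(Session session, String clientId, String body) throws JMSException {
        Destination shared = session.createQueue(SHARED_QUEUE);
        MessageProducer producer = session.createProducer(shared);
        TextMessage msg = session.createTextMessage(body);
        msg.setJMSCorrelationID(checkedClientId(clientId));
        producer.send(msg);
    }

    /** Solution 1, client side. The selector is SQL-92 conditional syntax and is supplied by
     *  the client process, so a tampered client can simply omit it and read the whole queue. */
    static MessageConsumer selectorConsumer(Session session, String clientId) throws JMSException {
        Destination shared = session.createQueue(SHARED_QUEUE);
        String selector = "JMSCorrelationID = '" + checkedClientId(clientId) + "'";
        return session.createConsumer(shared, selector);
    }

    /** Solution 2, server side: a private queue per client. Only the server's account is
     *  granted write access to clients.* on the broker (configuration, not shown here). */
    static void sendToPrivateQueue(Session session, String clientId, String body) throws JMSException {
        Destination privateQueue = session.createQueue("clients." + checkedClientId(clientId));
        MessageProducer producer = session.createProducer(privateQueue);
        producer.send(session.createTextMessage(body));
    }

    /** Solution 2, client side. No selector: the broker's authorization map lets this
     *  connection's account read only its own queue, so isolation no longer depends on client code. */
    static MessageConsumer privateQueueConsumer(Session session, String clientId) throws JMSException {
        return session.createConsumer(session.createQueue("clients." + checkedClientId(clientId)));
    }

    public static void main(String[] args) throws JMSException {
        ConnectionFactory factory = new ActiveMQConnectionFactory(BROKER_URL);

        // Server connection (hypothetical credentials for the account allowed to write client queues).
        Connection serverConn = factory.createConnection("server", "server-secret");
        serverConn.start();
        Session serverSession = serverConn.createSession(false, Session.AUTO_ACKNOWLEDGE);
        sendWithCorrelationId(serverSession, "client-42", "hello via shared queue + selector");
        sendToPrivateQueue(serverSession, "client-42", "hello via private queue");

        // Client 42 connects with its own account (hypothetical credentials).
        Connection clientConn = factory.createConnection("client-42", "client-42-secret");
        clientConn.start();
        Session clientSession = clientConn.createSession(false, Session.AUTO_ACKNOWLEDGE);

        Message viaSelector = selectorConsumer(clientSession, "client-42").receive(2000);
        Message viaPrivate = privateQueueConsumer(clientSession, "client-42").receive(2000);
        System.out.println("selector     : " + (viaSelector == null ? "<none>" : ((TextMessage) viaSelector).getText()));
        System.out.println("private queue: " + (viaPrivate == null ? "<none>" : ((TextMessage) viaPrivate).getText()));

        clientConn.close();
        serverConn.close();
    }
}
```

For Solution 1 to work at all, every client account must be allowed to read the shared queue, which is exactly why it offers no confidentiality against a tampered client. For Solution 2 the enforcement lives in the broker: in ActiveMQ 5.x that is the `authorizationPlugin` in activemq.xml, with one `authorizationEntry` per client queue whose `read` attribute names only that client's group and whose `write` attribute names only the server's group (the concrete entries are left out above because they depend on your broker's user and group setup). Authentication of those accounts over the wire (TLS on the transport connector) is the other half of confidentiality and is likewise broker configuration rather than JMS API.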
