Support for DN Username Format for Client Authentication (Sun Java System Message Queue 4.2 Release Notes)

Sun Java System Message Queue 4.2 Release Notes

Previous: Changes to JMX API
Next: JAAS Authentication Enhancement

Support for DN Username Format for Client Authentication

Message Queue 4.2 supports DN username format in client connection authentication against an LDAP user repository. The support involves the following new broker property (and value):

imq.user_repository.ldap.usrformat=dn

This property lets the broker authenticate a client user against an entry in an LDAP user repository by extracting from the DN username format the value of the attribute specified by the following property:

imq.user_repository.ldap.uidattr

The broker uses the value of the above attribute as the name of the user in access control operations.

For example, if imq.user_repository.ldap.uidattr=udi and a client authentication username is in the format udi=mquser,ou=People,dc=red,dc=sun,dc=com, then “mquser” would be extracted for performing access control.

Previous: Changes to JMX API
Next: JAAS Authentication Enhancement