The micro broker uses the Java
™ Authentication and Authorization Service (JAAS) to authenticate clients.
If the micro broker is running on a platform supporting security features, then any client application that specifies a user name and password is authenticated. If authentication succeeds, then the user name provided by the client is used as the subject name for authorization. If a client does not specify a user name and password, then the client is considered to be authenticated, and the user name "anonymous" is used for authorization.
Micro broker clientParent topic: Configuring micro broker security
Micro broker clients supply a username (or userID
) and password, which are used to authenticate the client.
Default authentication system
By default, the micro broker uses its own default JAAS login module to authenticate clients. The default module uses a simple password file (named micro-pwd
) that is stored in the data directory of the broker. The password file is created and seeded with the Admin username and password, whenever a micro broker is created. The file can be administered (add and remove users, change password) using the API provided by the DefaultUserAdmin
Using a custom authentication system
The micro broker uses the standard JAAS framework to authenticate clients.