[ https://issues.jboss.org/browse/WFLY-6644?page=com.atlassian.jira.plugin.... ] Miroslav Novak updated WFLY-6644: --------------------------------- Description: Currently it's not possible to configure container managed sign-on for Artemis RA in <pooled-connection-factory> in messaging-activemq subsystem. This will allow to provide authentication information when new connection to Artemis broker is created without specifying username and password when calling connectionFactory.createConnection(). Such security-domain could look like: {code}<security-domain name="CrashRecoveryDomain0"> <authentication> <login-module code="ConfiguredIdentity" flag="required"> <module-option name="principal" value="crash0"/> <module-option name="password" value="crash0"/> <module-option name="password-stacking" value="useFirstPass"/> <module-option name="userName" value="crash0"/> </login-module> </authentication> </security-domain>{code} The main benefit is that username and password can be omitted when creating new connection and does not have to be hard cored in EJB/Servlet. This could be used for inbound connections as well. We should allow to specify default-principal-name which would be used for authentication. There is more info about this approach in WebLogic documentatin [1]. [1] https://docs.oracle.com/cd/E13222_01/wls/docs92/resadapter/security.html was: Currently it's not possible to configure container managed sign-on for Artemis RA in <pooled-connection-factory> in messaging-activemq subsystem. This will allow to provide authentication information when new connection to Artemis broker is created without specifying username and password when calling connectionFactory.createConnection(). Such security-domain could look like: <security-domain name="CrashRecoveryDomain0"> <authentication> <login-module code="ConfiguredIdentity" flag="required"> <module-option name="principal" value="crash0"/> <module-option name="password" value="crash0"/> <module-option name="password-stacking" value="useFirstPass"/> <module-option name="userName" value="crash0"/> </login-module> </authentication> </security-domain> The main benefit is that username and password can be omitted when creating new connection and does not have to be hard cored in EJB/Servlet. This could be used for inbound connections as well. We should allow to specify default-principal-name which would be used for authentication. There is more info about this approach in WebLogic documentatin [1]. [1] https://docs.oracle.com/cd/E13222_01/wls/docs92/resadapter/security.html -- This message was sent by Atlassian JIRA (v6.4.11#64026)