...
Adding an Artemis interceptor allows the for interception of packets entering and exiting the broker. Information regarding the remote connection used in the packet transmission is also provided via the interceptor. Depending on what protocol is being used for message communication, a different kind of interceptor is required to be implemented (e.g. AmqpInterceptor for AMQP, Interceptor for Core).
When debugging through the Interceptor over the Core protocol, I noticed there was very minimal or no security information inside both the Packet and RemotingConnection objects. The Packet only had little information regarding the message, the address of the message, and other small details of the packet depending on the its type of packet. No security information was present in the Packet. The RemotingConnection had low level details about the connection, including the IP of the broker and the protocol used, but no security information was present regarding the connection. The interface of the RemotingConnection object however does expose a getSubject method, but its implementation just returns null. A pull request to Artemis would be necessary in order to implement getSubject and attach the subject to the Packet.
Decision
Decided to contribute an improvement to Artemis upstream.
https://github.com/apache/activemq-artemis/commit/86a2cad12ac77cc50ff5841c87d5d15865f983c3
Artemis security plugins can now be developed downstream of DDF.