diff --git a/activemq-broker/README_OAUTH_OIDC.md b/activemq-broker/README_OAUTH_OIDC.md
new file mode 100644
index 00000000000..be3874d64be
--- /dev/null
+++ b/activemq-broker/README_OAUTH_OIDC.md
@@ -0,0 +1,19 @@
+# OAuth and OIDC Implementation for ActiveMQ
+
+## Overview
+This document outlines the plan to implement OAuth and OIDC authentication for ActiveMQ. The implementation will be done in a maxiumum of four stages:
+1. Initial declaration of changes and setup.
+2. Implementation of OAuth and OIDC methods.
+3. Adding unit and integration tests.
+4. Implementing logging for OAuth and OIDC operations.
+
+## Plugin configuration in the activemq.xml file
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/activemq-broker/README_OAUTH_OIDC.md.bak b/activemq-broker/README_OAUTH_OIDC.md.bak
new file mode 100644
index 00000000000..0481a12c59e
--- /dev/null
+++ b/activemq-broker/README_OAUTH_OIDC.md.bak
@@ -0,0 +1,9 @@
+# OAuth and OIDC Implementation for ActiveMQ
+
+## Overview
+This document outlines the plan to implement OAuth and OIDC authentication for ActiveMQ. The implementation will be done in a maxiumum of four stages:
+1. Initial declaration of changes and setup.
+2. Implementation of OAuth and OIDC methods.
+3. Adding unit and integration tests.
+4. Implementing logging for OAuth and OIDC operations.
+
diff --git a/activemq-broker/pom.xml b/activemq-broker/pom.xml
index 7acaf187447..8f1f839dbee 100644
--- a/activemq-broker/pom.xml
+++ b/activemq-broker/pom.xml
@@ -50,7 +50,8 @@
jakarta.annotation
jakarta.annotation-api
-
+
+
@@ -67,6 +68,23 @@
true
+
+
+
+
+
+
+ com.nimbusds
+ oauth2-oidc-sdk
+ 9.15
+
+
+ com.nimbusds
+ nimbus-jose-jwt
+ 9.40
+
+
+
diff --git a/activemq-broker/src/main/java/org/apache/activemq/security/OAuthValidator.java b/activemq-broker/src/main/java/org/apache/activemq/security/OAuthValidator.java
new file mode 100644
index 00000000000..328c7904df5
--- /dev/null
+++ b/activemq-broker/src/main/java/org/apache/activemq/security/OAuthValidator.java
@@ -0,0 +1,23 @@
+package org.apache.activemq.security;
+
+public class OAuthValidator {
+ private String clientId;
+ private String clientSecret;
+ private String oidcServerUrl;
+ private String oidcIssuer;
+
+ public OAuthValidator(String clientId, String clientSecret, String oidcServerUrl, String oidcIssuer) {
+ this.clientId = clientId;
+ this.clientSecret = clientSecret;
+ this.oidcServerUrl = oidcServerUrl;
+ this.oidcIssuer = oidcIssuer;
+ }
+
+ public void initialize() {
+ throw new UnsupportedOperationException("Method not implemented yet");
+ }
+
+ public boolean validateToken(String token) {
+ throw new UnsupportedOperationException("Method not implemented yet");
+ }
+}
diff --git a/activemq-broker/src/main/java/org/apache/activemq/security/OIDCAuthenticationPlugin.java b/activemq-broker/src/main/java/org/apache/activemq/security/OIDCAuthenticationPlugin.java
new file mode 100644
index 00000000000..823f59ec996
--- /dev/null
+++ b/activemq-broker/src/main/java/org/apache/activemq/security/OIDCAuthenticationPlugin.java
@@ -0,0 +1,68 @@
+package org.apache.activemq.security;
+
+import org.apache.activemq.broker.Broker;
+import org.apache.activemq.broker.BrokerPlugin;
+import org.apache.activemq.broker.BrokerPluginSupport;
+import org.apache.activemq.command.ConnectionInfo;
+import org.apache.activemq.security.OIDCSecurityContext;
+
+public class OIDCAuthenticationPlugin implements BrokerPlugin {
+ private String clientId;
+ private String clientSecret;
+ private String oidcServerUrl;
+ private String oidcIssuer;
+
+ @Override
+ public Broker installPlugin(Broker broker) {
+ return new OIDCBroker(broker);
+ }
+
+ private class OIDCBroker extends BrokerPluginSupport {
+ private final Broker next;
+
+ public OIDCBroker(Broker next) {
+ this.next = next;
+ }
+
+ @Override
+ public void addConnection(org.apache.activemq.broker.ConnectionContext context, ConnectionInfo info) throws Exception {
+ throw new UnsupportedOperationException("Method not implemented yet");
+ }
+
+ private OIDCSecurityContext authenticate(String token) {
+ throw new UnsupportedOperationException("Method not implemented yet");
+ }
+ }
+
+ public String getClientId() {
+ return clientId;
+ }
+
+ public void setClientId(String clientId) {
+ this.clientId = clientId;
+ }
+
+ public String getClientSecret() {
+ return clientSecret;
+ }
+
+ public void setClientSecret(String clientSecret) {
+ this.clientSecret = clientSecret;
+ }
+
+ public String getOidcServerUrl() {
+ return oidcServerUrl;
+ }
+
+ public void setOidcServerUrl(String oidcServerUrl) {
+ this.oidcServerUrl = oidcServerUrl;
+ }
+
+ public String getOidcIssuer() {
+ return oidcIssuer;
+ }
+
+ public void setOidcIssuer(String oidcIssuer) {
+ this.oidcIssuer = oidcIssuer;
+ }
+}
\ No newline at end of file
diff --git a/activemq-broker/src/main/java/org/apache/activemq/security/OIDCSecurityContext.java b/activemq-broker/src/main/java/org/apache/activemq/security/OIDCSecurityContext.java
new file mode 100644
index 00000000000..ea58a5cc784
--- /dev/null
+++ b/activemq-broker/src/main/java/org/apache/activemq/security/OIDCSecurityContext.java
@@ -0,0 +1,18 @@
+package org.apache.activemq.security;
+
+import java.security.Principal;
+import java.util.Set;
+
+public class OIDCSecurityContext extends SecurityContext {
+ private final Set principals;
+
+ public OIDCSecurityContext(String userName, Set principals) {
+ super(userName);
+ this.principals = principals;
+ }
+
+ @Override
+ public Set getPrincipals() {
+ return principals;
+ }
+}
\ No newline at end of file
diff --git a/activemq-web-console/src/main/webapp/WEB-INF/activemq.xml b/activemq-web-console/src/main/webapp/WEB-INF/activemq.xml
index 4317fefd4f5..264088b70ed 100644
--- a/activemq-web-console/src/main/webapp/WEB-INF/activemq.xml
+++ b/activemq-web-console/src/main/webapp/WEB-INF/activemq.xml
@@ -34,6 +34,9 @@
+
+
+