activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sandeep Chayapathi <sand...@wssource.com>
Subject [Stomp] Security - not authorized to create: topic://ActiveMQ.Advisory.Connection error
Date Wed, 02 Aug 2006 21:31:05 GMT
 Hi,

 This is a followup on: 
http://www.nabble.com/-Stomp--Access-Control-List-tf2040876.html

Now, I have setup AMQ 4.0.1 with the default JAAS plugin, as described 
here: http://activemq.org/site/security.html

However, when I try to connect (login: users, passcode: password), I get 
the following error:

-------
INFO  Service                        - Sync error occurred: 
java.lang.SecurityException: User users is not authorized to create: 
topic://ActiveMQ.Advisory.Connection
java.lang.SecurityException: User users is not authorized to create: 
topic://ActiveMQ.Advisory.Connection
        at 
org.apache.activemq.security.AuthorizationBroker.addDestination(AuthorizationBroker.java:64)
        at 
org.apache.activemq.broker.MutableBrokerFilter.addDestination(MutableBrokerFilter.java:142)
        at 
org.apache.activemq.broker.region.AbstractRegion.lookup(AbstractRegion.java:244)
        at 
org.apache.activemq.broker.region.AbstractRegion.send(AbstractRegion.java:224)
        at 
org.apache.activemq.broker.region.RegionBroker.send(RegionBroker.java:345)
        at 
org.apache.activemq.broker.TransactionBroker.send(TransactionBroker.java:192)
        at 
org.apache.activemq.advisory.AdvisoryBroker.fireAdvisory(AdvisoryBroker.java:271)
        at 
org.apache.activemq.advisory.AdvisoryBroker.fireAdvisory(AdvisoryBroker.java:236)
        at 
org.apache.activemq.advisory.AdvisoryBroker.fireAdvisory(AdvisoryBroker.java:231)
        at 
org.apache.activemq.advisory.AdvisoryBroker.addConnection(AdvisoryBroker.java:72)
        at 
org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:69)
        at 
org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:69)
        at 
org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:87)
        at 
org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:69)
        at 
org.apache.activemq.broker.MutableBrokerFilter.addConnection(MutableBrokerFilter.java:82)
        at 
org.apache.activemq.broker.AbstractConnection.processAddConnection(AbstractConnection.java:507)
        at 
org.apache.activemq.broker.jmx.ManagedTransportConnection.processAddConnection(ManagedTransportConnection.java:82)
        at 
org.apache.activemq.command.ConnectionInfo.visit(ConnectionInfo.java:118)
        at 
org.apache.activemq.broker.AbstractConnection.service(AbstractConnection.java:201)
        at 
org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:62)
        at 
org.apache.activemq.transport.ResponseCorrelator.onCommand(ResponseCorrelator.java:97)
        at 
org.apache.activemq.transport.TransportFilter.onCommand(TransportFilter.java:63)
        at 
org.apache.activemq.transport.InactivityMonitor.onCommand(InactivityMonitor.java:122)
        at 
org.apache.activemq.transport.TransportSupport.doConsume(TransportSupport.java:87)
        at 
org.apache.activemq.transport.tcp.TcpTransport.run(TcpTransport.java:143)
        at java.lang.Thread.run(Thread.java:595)
------

--- login.config -----
activemq-domain {
    org.apache.activemq.jaas.PropertiesLoginModule required
        debug=true
        
org.apache.activemq.jaas.properties.user="org/apache/activemq/security/users.properties"
        
org.apache.activemq.jaas.properties.group="org/apache/activemq/security/groups.properties";
};
---------------------

---- users.properties ------
admins=manager
users=password
guest=password
------------------------------

------- activemq.xml ------------

  <plugins>
      <jaasAuthenticationPlugin configuration="activemq-domain" />
      <authorizationPlugin>
        <map>
          <authorizationMap>
            <authorizationEntries>
              <authorizationEntry queue=">" read="admins" write="admins" 
admin="admins" />
              <authorizationEntry queue="USERS.>" read="users" 
write="users" admin="users" />
              <authorizationEntry queue="GUEST.>" read="guests" 
write="guests,users" admin="guests,users" />
              <authorizationEntry topic=">" read="admins" write="admins" 
admin="admins" />
              <authorizationEntry topic="USERS.>" read="users" 
write="users" admin="users" />
              <authorizationEntry topic="GUEST.>" read="guests" 
write="guests,users" admin="guests,users" />
              <authorizationEntry topic="ActiveMQ.Advisory.>" 
read="guests,users" write="guests,users" admin="guests,users"/>
            </authorizationEntries>
          </authorizationMap>
        </map>
      </authorizationPlugin>
    </plugins>
-----------------------------------

Mime
View raw message