activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Eugene Prokopiev <prokop...@stc.donpac.ru>
Subject Re: Security and restricting access
Date Thu, 10 Aug 2006 17:58:26 GMT
> Some specific explaination, per your code would be nice.  Like what steps you
> are doing, and how it works with the ActiveMQ plugin model.  I've never used
> Spring.  I've never used a plugin.  I understand fundamental core Java,
> period.  
> 
> The basic security model I was envisioning using was to have the topic/queue
> names include a UUID...if one doesn't know the queue name, including UUID,
> then one can't access the queue.    The client is C++.  The backend logic,
> per my project, is done with JAVA Servlets/Struts, and a set of tables in a
> MySQL DB.
> 
> As I stated originally, I want to be able to only have a few "entities",
> authenticated by Username and Password, be able to Create and Destroy Topics
> and Queues.  Either manually or programmatically.
> 
> For example how could I set ActiveMQ up so that only two specific usernames
> and passwords would give topic/queue create/destroy access? 

You need to write you own class extends BrokerPluginSupport class. Such 
classes defined as plugins for ActiveMQ broker will intercept all events 
in broker lifecycle, so you can read event parameters (username and 
password for example) and allow this event by calling super. or restrict 
them by raising exception.

For defining plugins for ActiveMQ broker you need read more about 
ActiveMQ xml configuration in 
http://activemq.com/site/xml-configuration.html

Next you need to select raw Spring or XBeans Spring configuration 
manner. In first case you can write this simple configuration:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" 
"http://www.springframework.org/dtd/spring-beans.dtd">
<beans>	
	<bean id="broker" class="org.apache.activemq.broker.BrokerService" 
init-method="start" destroy-method="stop">
                 <property name="brokerName" value="m0"/>
                 <property name="persistent" value="true"/>
                 <property name="transportConnectorURIs">
                         <list>
                                 <value>tcp://localhost:5000</value>
                         </list>
                 </property>
                 <property name="plugins">
                         <list>
                                 <bean class="SimplePlugin"/>
                         </list>
                 </property>
         </bean>
</beans>

For starting this configuration (it can be named "context" by Spring 
users) you need to write and run this class:

import org.springframework.context.support.AbstractApplicationContext;
import org.springframework.context.support.FileSystemXmlApplicationContext;

public class Startup {

         public static void main(String[] args) throws 
InterruptedException {

                 AbstractApplicationContext ctx =
                         new FileSystemXmlApplicationContext(new String 
[]{"context.xml"});
                 ctx.registerShutdownHook();
                 Thread.sleep(Long.MAX_VALUE);
         }

}

So, broker will work until pressing Ctl+C

Also you need to write class SimplePlugin extends BrokerPluginSupport 
and overrides some of it's methods.

XBeans Spring configuration is used by default and in this case you 
don't need write you own Startup class and can use 
activemq.sh/activemq.bat. In this case plugins connecting described in 
http://activemq.com/site/security.html


Mime
View raw message