activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ali Sadik Kumlali <as_kuml...@yahoo.com>
Subject Re: activemq and jaas
Date Sat, 16 Dec 2006 10:40:13 GMT
Hi,

This[1] may also help.

Regards,

Ali Sadik Kumlali


[1] http://issues.apache.org/activemq/browse/AMQ-982

----- Original Message ----
From: Abdul Alhazred <tharter@tradedesksoftware.com>
To: activemq-users@geronimo.apache.org
Sent: Friday, December 15, 2006 5:18:01 PM
Subject: Re: activemq and jaas


The way I did it (and there may well be other ways depending on what you want
to do...) is:

I created a class which implements javax.security.auth.spi.LoginModule. You
may be able to use an existing one if you
have one that does what you want. You'll probably also want to implement a
CallbackHandler which just returns 
credentials. IIRC I found a pretty good starting point from some example
code by Paul Feuer and John Musser. Sorry I don't have the URL handy, but
I'm sure you can dig it up. 

Then you'll need a login.conf, probably in $ACTIVEMQ_HOME/conf something
like:

ets-domain {
   com.tradedesksoftware.rdbmslogin.RdbmsLoginModule required debug="true"
url="jdbc:mysql://192.168.168.89:3306/etstesting?user=testuser&password=test"
driver="com.mysql.jdbc.Driver";
};
 
and then in activemq.xml:

      <plugins>
          <!-- Configure a JAAS authentication domain to control access to queues
and topics, see also login.conf -->
          <jaasAuthenticationPlugin configuration="ets-domain" />
          <authorizationPlugin>
              <map>
                  <authorizationMap>
                      <authorizationEntries>
                          <authorizationEntry queue=">" read="administrator"
write="administrator" admin="administrator" />
                          <authorizationEntry topic=">" read="administrator"
write="administrator" admin="administrator" />
                          <authorizationEntry topic="ActiveMQ.Advisory.>" read="administrator"
write="administrator" admin="administrator" />
                      </authorizationEntries>
                  </authorizationMap>
              </map>
          </authorizationPlugin>
      </plugins>

Naturally you'll have to create the configuration you need. This seemed to
work pretty well for us, we were able to auth
against a set of database tables using this technique. 


Ken Gallo wrote:
> 
> Hi,
> 
> Refer to this link:  http://activemq.org/site/security.html
> http://activemq.org/site/security.html 
> 
> HTH,
> Ken
> 
> 
> Guillaume Evrard wrote:
>> 
>> hello all!
>> could anyone help me in using jaas with activemq please? i'm not sure to 
>> understand how to do this...
>> guillaume
>> 
>> 
> 
> 

-- 
View this message in context: http://www.nabble.com/activemq-and-jaas-tf2818995.html#a7893257
Sent from the ActiveMQ - User mailing list archive at Nabble.com.





__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 

Mime
View raw message