activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Feng Xue <feng....@macquarie.com>
Subject JMS Bridge with ssl + authentication issue
Date Mon, 19 Mar 2007 22:37:33 GMT

Hi All,

I have been trying to configure 2 brokers with JMS bridge, ssl and
authentication.

The goal is to set up a broker "localServer" with JMS bridge that connects
to 
another broker "remoteServer1". The JMS bridge configuration works fine if
local Broker
has no ssl and authentication.  But if I add ssl and/or authentication into
the 
localbroker, it always starts with error as shown at the end of the message.


I looked through the JMS bridge doc as in: 
http://activemq.apache.org/jms-to-jms-bridge.html

but could not find the references of userName and password used for
authenticating again local server (the one which
initial the JMS bridge connections). I also tried "localUsername,
localPassword" in the configuration but with no luck.

After looking through the error stack trace and source codes, it looks like
the programs could not find the corresponding
username/password to authenticate against localServer. i.e.

        user = ((NameCallback) callbacks[0]).getName();
        char[] tmpPassword = ((PasswordCallback)
callbacks[1]).getPassword();
        if (tmpPassword == null) tmpPassword = new char[0];

        String password = users.getProperty(user); 
        // NullPointException occurred here ...

The question are:

when configuring the JMS bridge with remote server 
- how can we specify the username/password in the localBroker so that the
remoteServer can use to authenticate back to the localServer?
- how can we specify the certification keystore so that the remoteServer can
use to establish ssl connection to localServer?

Any sugguestions will be greatly appreciated.

Thanks very much

Regards

Feng Xue





-----------------------------------------------------------------------------------------------------------------
local server configuration: (uses system/manager to authenticate)
-----------------------------------------------------------------------------------------------------------------
<beans>
  <bean
class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
  <broker brokerName="authBroker" persistent="false" useJmx="false"
xmlns="http://activemq.org/config/1.0">
    <transportConnectors>
       <transportConnector uri="ssl://localhost:61003"/>
    </transportConnectors>
  <jmsBridgeConnectors>
    <jmsQueueConnector
      outboundQueueConnectionFactory="#remoteFactory">
      <outboundQueueBridges>
        <outboundQueueBridge
          outboundQueueName="sample2.MyQueue" />
      </outboundQueueBridges>
      <inboundQueueBridges>
        <inboundQueueBridge
          inboundQueueName="sample2.MyQueue" />
      </inboundQueueBridges>
    </jmsQueueConnector>
  </jmsBridgeConnectors>
  <plugins>
      <jaasAuthenticationPlugin configuration="activemq-domain" />
      <authorizationPlugin>
        <map>
          <authorizationMap>
            <authorizationEntries>
              <authorizationEntry queue=">" read="guests,users,system"
write="guests,users,system" admin="guests,users,system" />
              <authorizationEntry queue="USERS.>" read="users" write="users"
admin="users" />
              <authorizationEntry queue="GUEST.>" read="guests"
write="guests,users" admin="guests,users" />

              <authorizationEntry topic=">" read="guests,users"
write="guests,users" admin="guests,users"/>
              <authorizationEntry topic="USERS.>" read="users" write="users"
admin="users" />
              <authorizationEntry topic="GUEST.>" read="guests"
write="guests,users" admin="guests,users" />
              <authorizationEntry topic="ActiveMQ.Advisory.>"
read="guests,users" write="guests,users" admin="guests,users"/>
            </authorizationEntries>
          </authorizationMap>
        </map>
      </authorizationPlugin>
    </plugins>
  </broker>
<!-- JMS ConnectionFactory to use remote -->
<bean id="remoteFactory"
  class="org.apache.activemq.ActiveMQConnectionFactory">
  <property name="brokerURL" value="ssl://remoteServer1:61617" />
        <property name="userName">
            <value>system</value>
        </property>
        <property name="password">
            <value>manager</value>
        </property>
</bean>
</beans>

-----------------------------------------------------------------------------------------------------------------
remoteServer1 configuration: (uses system/manager to authenticate)
-----------------------------------------------------------------------------------------------------------------
<beans>
  <bean
class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
  <broker name="BrokerEcsydtst01" useJmx="true"
xmlns="http://activemq.org/config/1.0">
    <!-- Use the following to configure how ActiveMQ is exposed in JMX -->
    <managementContext>
       <managementContext connectorPort="1099"
jmxDomainName="org.apache.activemq"/>
    </managementContext>
    <persistenceAdapter>
        <journaledJDBC journalLogFiles="5"
dataDirectory="${activemq.base}/activemq-remoteServer1-auth-data"/>
    </persistenceAdapter>
   <transportConnectors>
      <transportConnector uri="ssl://localhost:61617?trace=true" />
    </transportConnectors>
    <networkConnectors>
      <networkConnector uri="static:(ssl://remoteServer2:61617)"
userName="system" password="manager" />
    </networkConnectors>
  <plugins>
      <jaasAuthenticationPlugin configuration="activemq-domain" />
      <authorizationPlugin>
        <map>
          <authorizationMap>
            <authorizationEntries>
              <authorizationEntry queue=">" read="guests,users,system"
write="guests,users,system" admin="guests,users,system" />
              <authorizationEntry queue="USERS.>" read="users" write="users"
admin="users" />
              <authorizationEntry queue="GUEST.>" read="guests"
write="guests,users" admin="guests,users" />

              <authorizationEntry topic=">" read="guests,users"
write="guests,users" admin="guests,users"/>
              <authorizationEntry topic="USERS.>" read="users" write="users"
admin="users" />
              <authorizationEntry topic="GUEST.>" read="guests"
write="guests,users" admin="guests,users" />
              <authorizationEntry topic="ActiveMQ.Advisory.>"
read="guests,users" write="guests,users" admin="guests,users"/>
            </authorizationEntries>
          </authorizationMap>
        </map>
      </authorizationPlugin>
    </plugins>
  </broker>
</beans>

-----------------------------------------------------------------------------------------------------------------
Error:
-----------------------------------------------------------------------------------------------------------------
INFO  BrokerService                  - ActiveMQ 4.1.0-incubator JMS Message
Broker (authBroker) is starting
INFO  BrokerService                  - For help or more information please
see: http://incubator.apache.org/activemq/
INFO  TransportServerThreadSupport   - Listening for connections at:
ssl://localServer:61003
INFO  TransportConnector             - Connector ssl://localhost:61003
Started
INFO  TransportConnector             - Connector vm://authBroker Started
ERROR JmsQueueConnector              - Failed to initialize the JMSConnector
javax.jms.JMSException: User name or password is invalid.
        at
org.apache.activemq.util.JMSExceptionSupport.create(JMSExceptionSupport.java:46)
        at
org.apache.activemq.ActiveMQConnection.syncSendPacket(ActiveMQConnection.java:1177)
        at
org.apache.activemq.ActiveMQConnection.ensureConnectionInfoSent(ActiveMQConnection.java:1259)
        at
org.apache.activemq.ActiveMQConnection.start(ActiveMQConnection.java:447)
        at
org.apache.activemq.network.jms.JmsQueueConnector.initializeLocalQueueConnection(JmsQueueConnector.java:253)
        at
org.apache.activemq.network.jms.JmsQueueConnector.init(JmsQueueConnector.java:55)
        at
org.apache.activemq.network.jms.JmsConnector.start(JmsConnector.java:114)
        at
org.apache.activemq.broker.BrokerService.startAllConnectors(BrokerService.java:1485)
        at
org.apache.activemq.broker.BrokerService.start(BrokerService.java:402)
        at
org.apache.activemq.xbean.XBeanBrokerService.afterPropertiesSet(XBeanBrokerService.java:47)
        at
org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeInitMethods(AbstractAutowireCapableBeanFactory.java:1062)
        at
org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1029)
        at
org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:420)
        at
org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:245)
        at
org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:141)
        at
org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:242)
        at
org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:156)
        at
org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:290)
        at
org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:348)
        at
org.apache.xbean.spring.context.ClassPathXmlApplicationContext.<init>(ClassPathXmlApplicationContext.java:161)
        at
org.apache.xbean.spring.context.ClassPathXmlApplicationContext.<init>(ClassPathXmlApplicationContext.java:51)
        at
org.apache.activemq.xbean.XBeanBrokerFactory.createBroker(XBeanBrokerFactory.java:41)
        at
org.apache.activemq.broker.BrokerFactory.createBroker(BrokerFactory.java:57)
        at
org.apache.activemq.console.command.StartCommand.startBroker(StartCommand.java:82)
        at
org.apache.activemq.console.command.StartCommand.runTask(StartCommand.java:63)
        at
org.apache.activemq.console.command.AbstractCommand.execute(AbstractCommand.java:50)
        at
org.apache.activemq.console.command.ShellCommand.runTask(ShellCommand.java:79)
        at
org.apache.activemq.console.command.AbstractCommand.execute(AbstractCommand.java:50)
        at
org.apache.activemq.console.command.ShellCommand.main(ShellCommand.java:46)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:585)
        at org.apache.activemq.console.Main.runTaskClass(Main.java:159)
        at org.apache.activemq.console.Main.main(Main.java:91)
Caused by: java.lang.SecurityException: User name or password is invalid.
        at
org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:84)
        at
org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:82)
        at
org.apache.activemq.broker.MutableBrokerFilter.addConnection(MutableBrokerFilter.java:92)
        at
org.apache.activemq.broker.TransportConnection.processAddConnection(TransportConnection.java:687)
        at
org.apache.activemq.command.ConnectionInfo.visit(ConnectionInfo.java:121)
        at
org.apache.activemq.broker.TransportConnection.service(TransportConnection.java:284)
        at
org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:177)
        at
org.apache.activemq.transport.ResponseCorrelator.onCommand(ResponseCorrelator.java:95)
        at
org.apache.activemq.transport.TransportFilter.onCommand(TransportFilter.java:65)
        at
org.apache.activemq.transport.vm.VMTransport.syncOneWay(VMTransport.java:96)
        at
org.apache.activemq.transport.vm.VMTransport.oneway(VMTransport.java:83)
        at
org.apache.activemq.transport.MutexTransport.oneway(MutexTransport.java:43)
        at
org.apache.activemq.transport.ResponseCorrelator.asyncRequest(ResponseCorrelator.java:69)
        at
org.apache.activemq.transport.ResponseCorrelator.request(ResponseCorrelator.java:74)
        at
org.apache.activemq.ActiveMQConnection.syncSendPacket(ActiveMQConnection.java:1171)
        ... 33 more
Caused by: javax.security.auth.login.LoginException:
java.lang.NullPointerException
        at java.util.Hashtable.get(Hashtable.java:336)
        at java.util.Properties.getProperty(Properties.java:774)
        at
org.apache.activemq.jaas.PropertiesLoginModule.login(PropertiesLoginModule.java:112)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:585)
        at
javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
        at
javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
        at
javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
        at java.security.AccessController.doPrivileged(Native Method)
        at
javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
        at
javax.security.auth.login.LoginContext.login(LoginContext.java:579)
        at
org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:77)
        at
org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:82)
        at
org.apache.activemq.broker.MutableBrokerFilter.addConnection(MutableBrokerFilter.java:92)
        at
org.apache.activemq.broker.TransportConnection.processAddConnection(TransportConnection.java:687)
        at
org.apache.activemq.command.ConnectionInfo.visit(ConnectionInfo.java:121)
        at
org.apache.activemq.broker.TransportConnection.service(TransportConnection.java:284)
        at
org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:177)
        at
org.apache.activemq.transport.ResponseCorrelator.onCommand(ResponseCorrelator.java:95)
        at
org.apache.activemq.transport.TransportFilter.onCommand(TransportFilter.java:65)
        at
org.apache.activemq.transport.vm.VMTransport.syncOneWay(VMTransport.java:96)
        at
org.apache.activemq.transport.vm.VMTransport.oneway(VMTransport.java:83)
        at
org.apache.activemq.transport.MutexTransport.oneway(MutexTransport.java:43)
        at
org.apache.activemq.transport.ResponseCorrelator.asyncRequest(ResponseCorrelator.java:69)
        at
org.apache.activemq.transport.ResponseCorrelator.request(ResponseCorrelator.java:74)
        at
org.apache.activemq.ActiveMQConnection.syncSendPacket(ActiveMQConnection.java:1171)
        at
org.apache.activemq.ActiveMQConnection.ensureConnectionInfoSent(ActiveMQConnection.java:1259)
        at
org.apache.activemq.ActiveMQConnection.start(ActiveMQConnection.java:447)
        at
org.apache.activemq.network.jms.JmsQueueConnector.initializeLocalQueueConnection(JmsQueueConnector.java:253)
        at
org.apache.activemq.network.jms.JmsQueueConnector.init(JmsQueueConnector.java:55)
        at
org.apache.activemq.network.jms.JmsConnector.start(JmsConnector.java:114)
        at
org.apache.activemq.broker.BrokerService.startAllConnectors(BrokerService.java:1485)
        at
org.apache.activemq.broker.BrokerService.start(BrokerService.java:402)
        at
org.apache.activemq.xbean.XBeanBrokerService.afterPropertiesSet(XBeanBrokerService.java:47)
        at
org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeInitMethods(AbstractAutowireCapableBeanFactory.java:1062)
        at
org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1029)
        at
org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:420)
        at
org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:245)
        at
org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:141)
        at
org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:242)
        at
org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:156)
        at
org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:290)
        at
org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:348)
        at
org.apache.xbean.spring.context.ClassPathXmlApplicationContext.<init>(ClassPathXmlApplicationContext.java:161)
        at
org.apache.xbean.spring.context.ClassPathXmlApplicationContext.<init>(ClassPathXmlApplicationContext.java:51)
        at
org.apache.activemq.xbean.XBeanBrokerFactory.createBroker(XBeanBrokerFactory.java:41)
        at
org.apache.activemq.broker.BrokerFactory.createBroker(BrokerFactory.java:57)
        at
org.apache.activemq.console.command.StartCommand.startBroker(StartCommand.java:82)
        at
org.apache.activemq.console.command.StartCommand.runTask(StartCommand.java:63)
        at
org.apache.activemq.console.command.AbstractCommand.execute(AbstractCommand.java:50)
        at
org.apache.activemq.console.command.ShellCommand.runTask(ShellCommand.java:79)
        at
org.apache.activemq.console.command.AbstractCommand.execute(AbstractCommand.java:50)
        at
org.apache.activemq.console.command.ShellCommand.main(ShellCommand.java:46)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:585)
        at org.apache.activemq.console.Main.runTaskClass(Main.java:159)
        at org.apache.activemq.console.Main.main(Main.java:91)
        at
javax.security.auth.login.LoginContext.invoke(LoginContext.java:872)
        at
javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
        at
javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
        at java.security.AccessController.doPrivileged(Native Method)
        at
javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
        at
javax.security.auth.login.LoginContext.login(LoginContext.java:579)
        at
org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:77)
        ... 47 more
INFO  JmsConnector                   - JMS Connector Connector:0 Started
-----------------------------------------------------------------------------------------------------------------

-- 
View this message in context: http://www.nabble.com/JMS-Bridge-with-ssl-%2B-authentication-issue-tf3430175s2354.html#a9562355
Sent from the ActiveMQ - User mailing list archive at Nabble.com.


Mime
View raw message