activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ttmdev <joe.fernan...@ttmsolutions.com>
Subject Re: Active MQ JAAS
Date Fri, 26 Oct 2007 20:36:44 GMT

Just for grins, I took your authorizationPlugin  and deployed it onto my JAAS
test setup; everything worked fine.  

I can only guess that you're somehow picking up the wrong user.properties
and/or groups.properties file. 

Did you set java.security.auth.login.config ? Or are you letting the JAAS
plugin find it in the class path?

Joe



CobraTheSleek wrote:
> 
> I am using activemq-5.0-SNAPSHOT and am trying to get JAAS authentication
> working.
> I have the login.config and user/group property files configured as per
> the example http://activemq.apache.org/security.html
> 
> I beleive others have faced this problem but I have not found a concrete
> answer. I get the following error when attempting to run the junits.
> 
> 
> javax.jms.JMSException: User user is not authorized to read from:
> topic://ActiveMQ.Advisory.TempQueue,topic://ActiveMQ.Advisory.TempTopic
> 	at
> org.apache.activemq.util.JMSExceptionSupport.create(JMSExceptionSupport.java:46)
> 	at
> org.apache.activemq.ActiveMQConnection.syncSendPacket(ActiveMQConnection.java:1181)
> 	at org.apache.activemq.AdvisoryConsumer.<init>(AdvisoryConsumer.java:46)
> 	at
> org.apache.activemq.ActiveMQConnection.ensureConnectionInfoSent(ActiveMQConnection.java:1272)
> 
> My broker-config.xml is configured with the jass authentication module:
> 
>  <plugins>
> 	    <jaasAuthenticationPlugin configuration="activemq-domain" />  
>   <authorizationPlugin>
>         <map>
>           <authorizationMap>
> 		  <authorizationEntries>
> 		<!-- For all Queues admins can read and write -->
>                 <authorizationEntry queue=">" read="admins" write="admins"
> admin="admins" />
> 		<!-- For all Queues USERS. users can read and write and admin -->
> 		<authorizationEntry queue="USERS.>" read="users" write="users"
> admin="users" />
>                 <authorizationEntry queue="GUEST.>" read="guests"
> write="guests,users" admin="guests,users" />
>               
>                 <authorizationEntry topic=">" read="admins" write="admins"
> admin="admins" />
>                 <authorizationEntry topic="USERS.>" read="users"
> write="users" admin="users" />
>                 <authorizationEntry topic="GUEST.>" read="guests"
> write="guests,users" admin="guests,users" />
>                 <authorizationEntry
> topic="org.apache.activemq.spring.Test.spring.topic" read="users"
> write="users" admin="guests,users" />
>               
> 		<!--<authorizationEntry topic="ActiveMQ.Advisory.>" read="guests,users"
> write="guests,users" admin="guests,users"/>-->
>               <authorizationEntry topic="ActiveMQ.>" read="guests,users"
> write="guests,users" admin="guests,users"/>
> 
>             </authorizationEntries>
>             <tempDestinationAuthorizationEntry>  
>               <tempDestinationAuthorizationEntry
> read="tempDestinationAdmins" write="tempDestinationAdmins"
> admin="tempDestinationAdmins"/>
>            </tempDestinationAuthorizationEntry>     
>             
>           </authorizationMap>
>         </map>
>       </authorizationPlugin>
> 
> I have tried to delete the activemq-data directory etc to no avail. The
> SimpleAuthenticationPlugin works perfectly though. 
> 
> Any tips would be appreciated.
> 
> 
> 
> 

-- 
View this message in context: http://www.nabble.com/Active-MQ-JAAS-tf4699203s2354.html#a13434991
Sent from the ActiveMQ - User mailing list archive at Nabble.com.


Mime
View raw message