activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From CobraTheSleek <kalic...@yahoo.com>
Subject Re: Active MQ JAAS
Date Fri, 26 Oct 2007 21:48:48 GMT

Joe,

Thanks much for the reply. I have a login.config defined in the classpath. I
am using JBoss so in my exploded activemq-rar I have the login.config and
users.properties and groups.properties defined.

Thats about the only thing I am guessing to is that my users.properties is
not picked up or the groups.properties is not picked up.

Thanks much.


ttmdev wrote:
> 
> Just for grins, I took your authorizationPlugin  and deployed it onto my
> JAAS test setup; everything worked fine.  
> 
> I can only guess that you're somehow picking up the wrong user.properties
> and/or groups.properties file. 
> 
> Did you set java.security.auth.login.config ? Or are you letting the JAAS
> plugin find it in the class path?
> 
> Joe
> 
> 
> 
> CobraTheSleek wrote:
>> 
>> I am using activemq-5.0-SNAPSHOT and am trying to get JAAS authentication
>> working.
>> I have the login.config and user/group property files configured as per
>> the example http://activemq.apache.org/security.html
>> 
>> I beleive others have faced this problem but I have not found a concrete
>> answer. I get the following error when attempting to run the junits.
>> 
>> 
>> javax.jms.JMSException: User user is not authorized to read from:
>> topic://ActiveMQ.Advisory.TempQueue,topic://ActiveMQ.Advisory.TempTopic
>> 	at
>> org.apache.activemq.util.JMSExceptionSupport.create(JMSExceptionSupport.java:46)
>> 	at
>> org.apache.activemq.ActiveMQConnection.syncSendPacket(ActiveMQConnection.java:1181)
>> 	at org.apache.activemq.AdvisoryConsumer.<init>(AdvisoryConsumer.java:46)
>> 	at
>> org.apache.activemq.ActiveMQConnection.ensureConnectionInfoSent(ActiveMQConnection.java:1272)
>> 
>> My broker-config.xml is configured with the jass authentication module:
>> 
>>  <plugins>
>> 	    <jaasAuthenticationPlugin configuration="activemq-domain" />  
>>   <authorizationPlugin>
>>         <map>
>>           <authorizationMap>
>> 		  <authorizationEntries>
>> 		<!-- For all Queues admins can read and write -->
>>                 <authorizationEntry queue=">" read="admins"
>> write="admins" admin="admins" />
>> 		<!-- For all Queues USERS. users can read and write and admin -->
>> 		<authorizationEntry queue="USERS.>" read="users" write="users"
>> admin="users" />
>>                 <authorizationEntry queue="GUEST.>" read="guests"
>> write="guests,users" admin="guests,users" />
>>               
>>                 <authorizationEntry topic=">" read="admins"
>> write="admins" admin="admins" />
>>                 <authorizationEntry topic="USERS.>" read="users"
>> write="users" admin="users" />
>>                 <authorizationEntry topic="GUEST.>" read="guests"
>> write="guests,users" admin="guests,users" />
>>                 <authorizationEntry
>> topic="org.apache.activemq.spring.Test.spring.topic" read="users"
>> write="users" admin="guests,users" />
>>               
>> 		<!--<authorizationEntry topic="ActiveMQ.Advisory.>" read="guests,users"
>> write="guests,users" admin="guests,users"/>-->
>>               <authorizationEntry topic="ActiveMQ.>" read="guests,users"
>> write="guests,users" admin="guests,users"/>
>> 
>>             </authorizationEntries>
>>             <tempDestinationAuthorizationEntry>  
>>               <tempDestinationAuthorizationEntry
>> read="tempDestinationAdmins" write="tempDestinationAdmins"
>> admin="tempDestinationAdmins"/>
>>            </tempDestinationAuthorizationEntry>     
>>             
>>           </authorizationMap>
>>         </map>
>>       </authorizationPlugin>
>> 
>> I have tried to delete the activemq-data directory etc to no avail. The
>> SimpleAuthenticationPlugin works perfectly though. 
>> 
>> Any tips would be appreciated.
>> 
>> 
>> 
>> 
> 
> 

-- 
View this message in context: http://www.nabble.com/Active-MQ-JAAS-tf4699203s2354.html#a13436005
Sent from the ActiveMQ - User mailing list archive at Nabble.com.


Mime
View raw message