activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From j0llyr0g3r <timo.roess...@wincor-nixdorf.com>
Subject Re: Simple authentication not working: Unrecognized xbean element mapping: authenticationUser
Date Mon, 21 Apr 2008 19:22:21 GMT

Hi and thx for your reply.....

Maybe i didn't make myself clear enough.....:-)

I follow exactly the documentation example from here:
http://activemq.apache.org/security.html

This means:

-> I create a login.conf:

activemq-domain {
    org.apache.activemq.jaas.PropertiesLoginModule required
        debug=true
       
org.apache.activemq.jaas.properties.user="/opt/activemq/conf/users.properties"
       
org.apache.activemq.jaas.properties.group="/opt/activemq/conf/groups.properties";
};

-> I create a users.properties:

system=manager

-> I create a groups.properties:

admins=system

-> I make the following entry in activemq.xml:

    <plugins>
      <jaasAuthenticationPlugin configuration="activemq-domain" />

	<simpleAuthenticationPlugin>
		<users>
			<authenticationUser username="system" password="manager"
						groups="admins"/>
		</users>
	</simpleAuthenticationPlugin>
    </plugins> 



-> I modify the activemq-start-script by adding:

-Djava.security.auth.login.config="/opt/activemq/conf/login.conf"

According to the documentation, this should be it(?).

But now, on start-up, the broker gives me the error:

ERROR: java.lang.RuntimeException: Failed to execute start task. Reason:
org.springframework.beans.factory.BeanCreationException: Error creating bean
with name 'org.apache.activemq.broker.util.CommandAgent' defined in class
path resource [activemq.xml]: Invocation of init method failed; nested
exception is javax.jms.JMSException: User name or password is invalid.
java.lang.RuntimeException: Failed to execute start task. Reason:
org.springframework.beans.factory.BeanCreationException: Error creating bean
with name 'org.apache.activemq.broker.util.CommandAgent' defined in class
path resource [activemq.xml]: Invocation of init method failed; nested
exception is javax.jms.JMSException: User name or password is invalid.
        at
org.apache.activemq.console.command.StartCommand.runTask(StartCommand.java:99)
        at
org.apache.activemq.console.command.AbstractCommand.execute(AbstractCommand.java:51)
        at
org.apache.activemq.console.command.ShellCommand.runTask(ShellCommand.java:104)
        at
org.apache.activemq.console.command.AbstractCommand.execute(AbstractCommand.java:51)
        at
org.apache.activemq.console.command.ShellCommand.main(ShellCommand.java:76)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at org.apache.activemq.console.Main.runTaskClass(Main.java:222)
        at org.apache.activemq.console.Main.main(Main.java:106)
Caused by: org.springframework.beans.factory.BeanCreationException: Error
creating bean with name 'org.apache.activemq.broker.util.CommandAgent'
defined in class path resource [activemq.xml]: Invocation of init method
failed; nested exception is javax.jms.JMSException: User name or password is
invalid.
        at
org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1174)
        at
org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:425)
        at
org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:251)
        at
org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:156)
        at
org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:248)
        at
org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:160)
        at
org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:284)
        at
org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:352)
        at
org.apache.xbean.spring.context.ResourceXmlApplicationContext.<init>(ResourceXmlApplicationContext.java:64)
        at
org.apache.xbean.spring.context.ResourceXmlApplicationContext.<init>(ResourceXmlApplicationContext.java:52)
        at
org.apache.activemq.xbean.XBeanBrokerFactory.createApplicationContext(XBeanBrokerFactory.java:91)
        at
org.apache.activemq.xbean.XBeanBrokerFactory.createBroker(XBeanBrokerFactory.java:51)
        at
org.apache.activemq.broker.BrokerFactory.createBroker(BrokerFactory.java:71)
        at
org.apache.activemq.broker.BrokerFactory.createBroker(BrokerFactory.java:54)
        at
org.apache.activemq.console.command.StartCommand.startBroker(StartCommand.java:112)
        at
org.apache.activemq.console.command.StartCommand.runTask(StartCommand.java:74)
        ... 10 more
Caused by: javax.jms.JMSException: User name or password is invalid.
        at
org.apache.activemq.util.JMSExceptionSupport.create(JMSExceptionSupport.java:49)         
                                                                                         
                                                                                         
                                                                                 

Interesting line:

Caused by: javax.jms.JMSException: User name or password is invalid.

Ehm, 

how can this be invalid?

Ok, 

then i tried the advanced example below, meaning that i substituted

    <plugins>
      <jaasAuthenticationPlugin configuration="activemq-domain" />

	<simpleAuthenticationPlugin>
		<users>
			<authenticationUser username="system" password="manager"
						groups="admins"/>
		</users>
	</simpleAuthenticationPlugin>
    </plugins> 

with:

    <plugins>
	    <!--  use JAAS to authenticate using the login.config file on the
classpath to configure JAAS -->
	    <jaasAuthenticationPlugin configuration="activemq-domain" />
	    
	    <!--  lets configure a destination based authorization mechanism -->
	    <authorizationPlugin>
		    <map>
			    <authorizationMap>
				    <authorizationEntries>
					    <authorizationEntry queue=">" read="admins" write="admins"
admin="admins" />
				    </authorizationEntries>

			    </authorizationMap>
		    </map>
	    </authorizationPlugin>
    </plugins>

(login.conf, users.properties and groups.properties remain the same)

Then the broker fails on me with:

Caused by: java.lang.SecurityException: User name or password is invalid.
        at
org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:83)
        at
org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:81)
        at
org.apache.activemq.broker.MutableBrokerFilter.addConnection(MutableBrokerFilter.java:91)
        at
org.apache.activemq.broker.TransportConnection.processAddConnection(TransportConnection.java:657)
        at
org.apache.activemq.command.ConnectionInfo.visit(ConnectionInfo.java:125)
        at
org.apache.activemq.broker.TransportConnection.service(TransportConnection.java:281)
        at
org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:178)
        at
org.apache.activemq.transport.ResponseCorrelator.onCommand(ResponseCorrelator.java:100)
        at
org.apache.activemq.transport.TransportFilter.onCommand(TransportFilter.java:67)
        at
org.apache.activemq.transport.vm.VMTransport.iterate(VMTransport.java:202)
        at
org.apache.activemq.thread.DedicatedTaskRunner.runTask(DedicatedTaskRunner.java:98)
        at
org.apache.activemq.thread.DedicatedTaskRunner$1.run(DedicatedTaskRunner.java:36)
Caused by: javax.security.auth.login.LoginException: Unable to load user
properties file /opt/activemq/conf/opt/activemq/conf/users.properties


Interesting line:

Caused by: javax.security.auth.login.LoginException: Unable to load user
properties file /opt/activemq/conf/opt/activemq/conf/users.properties


Ok, so all of a sudden he doesn't like absolute paths anymore.

So i changed 

activemq-domain {
    org.apache.activemq.jaas.PropertiesLoginModule required
        debug=true
       
org.apache.activemq.jaas.properties.user="/opt/activemq/conf/users.properties"
       
org.apache.activemq.jaas.properties.group="/opt/activemq/conf/groups.properties";
};

to

activemq-domain {
    org.apache.activemq.jaas.PropertiesLoginModule required
        debug=true
        org.apache.activemq.jaas.properties.user="users.properties"
        org.apache.activemq.jaas.properties.group="groups.properties";
};

but now the broker gives me:

WARN  TransportConnection            - Failed to add Connection
java.lang.SecurityException: User name or password is invalid.
        at
org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:83)
        at
org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:81)
        at
org.apache.activemq.broker.MutableBrokerFilter.addConnection(MutableBrokerFilter.java:91)
        at
org.apache.activemq.broker.TransportConnection.processAddConnection(TransportConnection.java:657)
        at
org.apache.activemq.command.ConnectionInfo.visit(ConnectionInfo.java:125)
        at
org.apache.activemq.broker.TransportConnection.service(TransportConnection.java:281)
        at
org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:178)
        at
org.apache.activemq.transport.ResponseCorrelator.onCommand(ResponseCorrelator.java:100)
        at
org.apache.activemq.transport.TransportFilter.onCommand(TransportFilter.java:67)
        at
org.apache.activemq.transport.vm.VMTransport.iterate(VMTransport.java:202)
        at
org.apache.activemq.thread.DedicatedTaskRunner.runTask(DedicatedTaskRunner.java:98)
        at
org.apache.activemq.thread.DedicatedTaskRunner$1.run(DedicatedTaskRunner.java:36)
Caused by: javax.security.auth.login.LoginException:
java.lang.NullPointerException
        at java.util.Hashtable.get(Hashtable.java:334)
        at java.util.Properties.getProperty(Properties.java:932)
        at
org.apache.activemq.jaas.PropertiesLoginModule.login(PropertiesLoginModule.java:116)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at
javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
        at
javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
        at
javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
        at java.security.AccessController.doPrivileged(Native Method)
        at
javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
        at
javax.security.auth.login.LoginContext.login(LoginContext.java:579)
        at
org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:76)
        at
org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:81)
        at
org.apache.activemq.broker.MutableBrokerFilter.addConnection(MutableBrokerFilter.java:91)
        at
org.apache.activemq.broker.TransportConnection.processAddConnection(TransportConnection.java:657)
        at
org.apache.activemq.command.ConnectionInfo.visit(ConnectionInfo.java:125)
        at
org.apache.activemq.broker.TransportConnection.service(TransportConnection.java:281)
        at
org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:178)
        at
org.apache.activemq.transport.ResponseCorrelator.onCommand(ResponseCorrelator.java:100)
        at
org.apache.activemq.transport.TransportFilter.onCommand(TransportFilter.java:67)
        at
org.apache.activemq.transport.vm.VMTransport.iterate(VMTransport.java:202)
        at
org.apache.activemq.thread.DedicatedTaskRunner.runTask(DedicatedTaskRunner.java:98)
        at
org.apache.activemq.thread.DedicatedTaskRunner$1.run(DedicatedTaskRunner.java:36)

        at
javax.security.auth.login.LoginContext.invoke(LoginContext.java:872)
        at
javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
        at
javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
        at java.security.AccessController.doPrivileged(Native Method)
        at
javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
        at
javax.security.auth.login.LoginContext.login(LoginContext.java:579)
        at
org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:76)
        ... 11 more


What am i doing wrong here?

P.S. I use the latest amq stable release 5, xbean-spring lies under
/lib/optional
-- 
View this message in context: http://www.nabble.com/Simple-authentication-not-working%3A-Unrecognized-xbean-element-mapping%3A-authenticationUser-tp16765832s2354p16809859.html
Sent from the ActiveMQ - User mailing list archive at Nabble.com.


Mime
View raw message