activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Carlos Quiroz <carlos.quiroz-cas...@nokia.com>
Subject Re: Authentication problem in AMQ 5.1
Date Thu, 15 May 2008 05:48:19 GMT

Hi and thanks for your response 

Maybe I should add that the queue is in the startup set 
                <destinations>
                        <queue physicalName="myqueue" />
                </destinations>

and that in the logs appears as it has been created
This worked fine in AMQ 5.0

Carlos


Dejan Bosanac wrote:
> 
> Hi Carlos,
> 
> it looks like you don't have "myqueue" created, so ActiveMQ tries to do
> that
> with supplied credentials. Try creating the queue manually if you don't
> want
> to use "admin" priviledges.
> 
> Regards
> -- 
> Dejan Bosanac
> www.scriptinginjava.net
> 
> On Wed, May 14, 2008 at 1:55 PM, Carlos Quiroz <
> carlos.quiroz-castro@nokia.com> wrote:
> 
>>
>> Hi
>>
>> I have been using AMQ 5.0 for a while and I have created my own
>> authentication plugin. When I switched to AMQ 5.1 my clients cannot
>> connect
>> anymore because somehow they are not authorized to create topics or
>> queues.
>> Apparently now when subscribing to a topic/queue you need to have admin
>> permission to do that. Is it so?
>>
>> My activemq.xml looks like:
>>
>>        <broker xmlns="http://activemq.org/config/1.0"
>>                brokerName="broker" dataDirectory="${activemq.base}/data"
>>                populateJMSXUserID="true" advisorySupport="true"
>> useJmx="true">
>>
>>                <plugins>
>>                        <bean name="MyLoginModule"
>>                                class=""
>>                                xmlns="">
>>
>>                        <!--  lets configure a destination based
>> authorization mechanism -->
>>                        <authorizationPlugin>
>>                                <map>
>>                                        <authorizationMap>
>>                                                <authorizationEntries>
>>                                                       
>> <authorizationEntry
>> queue=">" read="admins"
>>
>>  write="admins" admin="admins" />
>>                                                       
>> <authorizationEntry
>> queue="myqueu"
>>
>>  read="service" write="users" admin="admin" />
>> ....
>>                                </map>
>>                        </authorizationPlugin>
>>                </plugins>
>>
>>
>>
>>                <destinations>
>>                        <queue physicalName="myqueue />
>>                </destinations>
>>
>> Upon connection I get the exception below but it works if I change the
>> admin
>> permision of the queue to admin="users"
>>
>> Any idea about this? Why was this change added to AMQ 5.1? Should the
>> configuration change?
>>
>> Regards
>> Carlos Quiroz
>>
>>
>> java.lang.SecurityException: User 181.175 is not authorized to create:
>> queue://myqueue
>>        at
>>
>> org.apache.activemq.security.AuthorizationBroker.addDestination(AuthorizationBroker.java:65)
>>        at
>>
>> org.apache.activemq.broker.MutableBrokerFilter.addDestination(MutableBrokerFilter.java:148)
>>        at
>> org.apache.activemq.broker.region.RegionBroker.send(RegionBroker.java:443)
>>        at
>>
>> org.apache.activemq.broker.TransactionBroker.send(TransactionBroker.java:224)
>>        at
>>
>> org.apache.activemq.advisory.AdvisoryBroker.fireAdvisory(AdvisoryBroker.java:325)
>>        at
>>
>> org.apache.activemq.advisory.AdvisoryBroker.fireAdvisory(AdvisoryBroker.java:268)
>>        at
>>
>> org.apache.activemq.advisory.AdvisoryBroker.fireAdvisory(AdvisoryBroker.java:260)
>>        at
>>
>> org.apache.activemq.advisory.AdvisoryBroker.addDestination(AdvisoryBroker.java:153)
>>        at
>>
>> org.apache.activemq.broker.BrokerFilter.addDestination(BrokerFilter.java:141)
>>        at
>>
>> org.apache.activemq.broker.BrokerFilter.addDestination(BrokerFilter.java:141)
>>        at
>>
>> org.apache.activemq.broker.BrokerFilter.addDestination(BrokerFilter.java:141)
>>        at
>>
>> org.apache.activemq.broker.BrokerFilter.addDestination(BrokerFilter.java:141)
>>        at
>>
>> org.apache.activemq.security.AuthorizationBroker.addDestination(AuthorizationBroker.java:71)
>>        at
>>
>> org.apache.activemq.broker.MutableBrokerFilter.addDestination(MutableBrokerFilter.java:148)
>>        at
>>
>> org.apache.activemq.broker.region.AbstractRegion.lookup(AbstractRegion.java:385)
>>        at
>>
>> org.apache.activemq.broker.region.AbstractRegion.addConsumer(AbstractRegion.java:219)
>>        at
>>
>> org.apache.activemq.broker.region.TopicRegion.addConsumer(TopicRegion.java:108)
>>        at
>>
>> org.apache.activemq.broker.region.RegionBroker.addConsumer(RegionBroker.java:401)
>>        at
>> org.apache.activemq.broker.BrokerFilter.addConsumer(BrokerFilter.java:85)
>>        at
>>
>> org.apache.activemq.advisory.AdvisoryBroker.addConsumer(AdvisoryBroker.java:83)
>>        at
>> org.apache.activemq.broker.BrokerFilter.addConsumer(BrokerFilter.java:85)
>>        at
>> org.apache.activemq.broker.BrokerFilter.addConsumer(BrokerFilter.java:85)
>>        at
>> org.apache.activemq.broker.BrokerFilter.addConsumer(BrokerFilter.java:85)
>>        at
>> org.apache.activemq.broker.BrokerFilter.addConsumer(BrokerFilter.java:85)
>>        at
>>
>> org.apache.activemq.security.AuthorizationBroker.addConsumer(AuthorizationBroker.java:132)
>>        at
>>
>> org.apache.activemq.broker.MutableBrokerFilter.addConsumer(MutableBrokerFilter.java:92)
>>        at
>>
>> org.apache.activemq.broker.TransportConnection.processAddConsumer(TransportConnection.java:529)
>>        at
>> org.apache.activemq.command.ConsumerInfo.visit(ConsumerInfo.java:345)
>>        at
>>
>> org.apache.activemq.broker.TransportConnection.service(TransportConnection.java:293)
>>        at
>>
>> org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:181)
>>        at
>>
>> org.apache.activemq.transport.TransportFilter.onCommand(TransportFilter.java:68)
>>        at
>>
>> org.apache.activemq.transport.stomp.StompTransportFilter.sendToActiveMQ(StompTransportFilter.java:80)
>>        at
>>
>> org.apache.activemq.transport.stomp.ProtocolConverter.sendToActiveMQ(ProtocolConverter.java:134)
>>        at
>>
>> org.apache.activemq.transport.stomp.ProtocolConverter.onStompSubscribe(ProtocolConverter.java:396)
>>        at
>>
>> org.apache.activemq.transport.stomp.ProtocolConverter.onStompCommad(ProtocolConverter.java:182)
>>        at
>>
>> org.apache.activemq.transport.stomp.StompTransportFilter.onCommand(StompTransportFilter.java:70)
>>        at
>>
>> org.apache.activemq.transport.TransportSupport.doConsume(TransportSupport.java:84)
>>        at
>>
>> org.apache.activemq.transport.tcp.TcpTransport.doRun(TcpTransport.java:196)
>>        at
>> org.apache.activemq.transport.tcp.TcpTransport.run(TcpTransport.java:183)
>>        at java.lang.Thread.run(Thread.java:619)
>> --
>> View this message in context:
>> http://www.nabble.com/Authentication-problem-in-AMQ-5.1-tp17229324s2354p17229324.html
>> Sent from the ActiveMQ - User mailing list archive at Nabble.com.
>>
>>
> 
> 
> -----
> Dejan Bosanac
> www.scriptinginjava.net
> 

-- 
View this message in context: http://www.nabble.com/Authentication-problem-in-AMQ-5.1-tp17229324s2354p17246332.html
Sent from the ActiveMQ - User mailing list archive at Nabble.com.


Mime
View raw message