activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dejan Bosanac" <de...@nighttale.net>
Subject Re: Authentication problem in AMQ 5.1
Date Wed, 14 May 2008 11:59:42 GMT
Hi Carlos,

it looks like you don't have "myqueue" created, so ActiveMQ tries to do that
with supplied credentials. Try creating the queue manually if you don't want
to use "admin" priviledges.

Regards
-- 
Dejan Bosanac
www.scriptinginjava.net

On Wed, May 14, 2008 at 1:55 PM, Carlos Quiroz <
carlos.quiroz-castro@nokia.com> wrote:

>
> Hi
>
> I have been using AMQ 5.0 for a while and I have created my own
> authentication plugin. When I switched to AMQ 5.1 my clients cannot
> connect
> anymore because somehow they are not authorized to create topics or
> queues.
> Apparently now when subscribing to a topic/queue you need to have admin
> permission to do that. Is it so?
>
> My activemq.xml looks like:
>
>        <broker xmlns="http://activemq.org/config/1.0"
>                brokerName="broker" dataDirectory="${activemq.base}/data"
>                populateJMSXUserID="true" advisorySupport="true"
> useJmx="true">
>
>                <plugins>
>                        <bean name="MyLoginModule"
>                                class=""
>                                xmlns="">
>
>                        <!--  lets configure a destination based
> authorization mechanism -->
>                        <authorizationPlugin>
>                                <map>
>                                        <authorizationMap>
>                                                <authorizationEntries>
>                                                        <authorizationEntry
> queue=">" read="admins"
>
>  write="admins" admin="admins" />
>                                                        <authorizationEntry
> queue="myqueu"
>
>  read="service" write="users" admin="admin" />
> ....
>                                </map>
>                        </authorizationPlugin>
>                </plugins>
>
>
>
>                <destinations>
>                        <queue physicalName="myqueue />
>                </destinations>
>
> Upon connection I get the exception below but it works if I change the
> admin
> permision of the queue to admin="users"
>
> Any idea about this? Why was this change added to AMQ 5.1? Should the
> configuration change?
>
> Regards
> Carlos Quiroz
>
>
> java.lang.SecurityException: User 181.175 is not authorized to create:
> queue://myqueue
>        at
>
> org.apache.activemq.security.AuthorizationBroker.addDestination(AuthorizationBroker.java:65)
>        at
>
> org.apache.activemq.broker.MutableBrokerFilter.addDestination(MutableBrokerFilter.java:148)
>        at
> org.apache.activemq.broker.region.RegionBroker.send(RegionBroker.java:443)
>        at
>
> org.apache.activemq.broker.TransactionBroker.send(TransactionBroker.java:224)
>        at
>
> org.apache.activemq.advisory.AdvisoryBroker.fireAdvisory(AdvisoryBroker.java:325)
>        at
>
> org.apache.activemq.advisory.AdvisoryBroker.fireAdvisory(AdvisoryBroker.java:268)
>        at
>
> org.apache.activemq.advisory.AdvisoryBroker.fireAdvisory(AdvisoryBroker.java:260)
>        at
>
> org.apache.activemq.advisory.AdvisoryBroker.addDestination(AdvisoryBroker.java:153)
>        at
>
> org.apache.activemq.broker.BrokerFilter.addDestination(BrokerFilter.java:141)
>        at
>
> org.apache.activemq.broker.BrokerFilter.addDestination(BrokerFilter.java:141)
>        at
>
> org.apache.activemq.broker.BrokerFilter.addDestination(BrokerFilter.java:141)
>        at
>
> org.apache.activemq.broker.BrokerFilter.addDestination(BrokerFilter.java:141)
>        at
>
> org.apache.activemq.security.AuthorizationBroker.addDestination(AuthorizationBroker.java:71)
>        at
>
> org.apache.activemq.broker.MutableBrokerFilter.addDestination(MutableBrokerFilter.java:148)
>        at
>
> org.apache.activemq.broker.region.AbstractRegion.lookup(AbstractRegion.java:385)
>        at
>
> org.apache.activemq.broker.region.AbstractRegion.addConsumer(AbstractRegion.java:219)
>        at
>
> org.apache.activemq.broker.region.TopicRegion.addConsumer(TopicRegion.java:108)
>        at
>
> org.apache.activemq.broker.region.RegionBroker.addConsumer(RegionBroker.java:401)
>        at
> org.apache.activemq.broker.BrokerFilter.addConsumer(BrokerFilter.java:85)
>        at
>
> org.apache.activemq.advisory.AdvisoryBroker.addConsumer(AdvisoryBroker.java:83)
>        at
> org.apache.activemq.broker.BrokerFilter.addConsumer(BrokerFilter.java:85)
>        at
> org.apache.activemq.broker.BrokerFilter.addConsumer(BrokerFilter.java:85)
>        at
> org.apache.activemq.broker.BrokerFilter.addConsumer(BrokerFilter.java:85)
>        at
> org.apache.activemq.broker.BrokerFilter.addConsumer(BrokerFilter.java:85)
>        at
>
> org.apache.activemq.security.AuthorizationBroker.addConsumer(AuthorizationBroker.java:132)
>        at
>
> org.apache.activemq.broker.MutableBrokerFilter.addConsumer(MutableBrokerFilter.java:92)
>        at
>
> org.apache.activemq.broker.TransportConnection.processAddConsumer(TransportConnection.java:529)
>        at
> org.apache.activemq.command.ConsumerInfo.visit(ConsumerInfo.java:345)
>        at
>
> org.apache.activemq.broker.TransportConnection.service(TransportConnection.java:293)
>        at
>
> org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:181)
>        at
>
> org.apache.activemq.transport.TransportFilter.onCommand(TransportFilter.java:68)
>        at
>
> org.apache.activemq.transport.stomp.StompTransportFilter.sendToActiveMQ(StompTransportFilter.java:80)
>        at
>
> org.apache.activemq.transport.stomp.ProtocolConverter.sendToActiveMQ(ProtocolConverter.java:134)
>        at
>
> org.apache.activemq.transport.stomp.ProtocolConverter.onStompSubscribe(ProtocolConverter.java:396)
>        at
>
> org.apache.activemq.transport.stomp.ProtocolConverter.onStompCommad(ProtocolConverter.java:182)
>        at
>
> org.apache.activemq.transport.stomp.StompTransportFilter.onCommand(StompTransportFilter.java:70)
>        at
>
> org.apache.activemq.transport.TransportSupport.doConsume(TransportSupport.java:84)
>        at
>
> org.apache.activemq.transport.tcp.TcpTransport.doRun(TcpTransport.java:196)
>        at
> org.apache.activemq.transport.tcp.TcpTransport.run(TcpTransport.java:183)
>        at java.lang.Thread.run(Thread.java:619)
> --
> View this message in context:
> http://www.nabble.com/Authentication-problem-in-AMQ-5.1-tp17229324s2354p17229324.html
> Sent from the ActiveMQ - User mailing list archive at Nabble.com.
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message