activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Brad Clements <...@murkworks.com>
Subject Where to find example ldap authorization setup?
Date Fri, 02 May 2008 02:39:32 GMT
Hi,


I'm just starting with the 5.2 snapshot today. I know very little about 
activemq. The release notes for 5.2 suggest that ldap authorization is 
working.

I want to use the http servlet and REST interface. But processes must 
authenticate before being able to send or receive. I need to 
authenticate with ldap.

There is surprisingly little detail on the website about how to 
configure ldap authentication. Not much in the mailing list archive either.

I really need an explicit example of how to set it up. I don't even know 
where exactly to specify the ldapAuthorizationMap information.

Here's what I did:


1. unpack the 5.2 snapshot

2. edit conf/activemq.xml

3. Add a plugins section in the only broker section I see in the 
provided activemq.xml file (this is probably why its not working)

it looks like:

    <broker xmlns="http://activemq.apache.org/schema/core" 
brokerName="localhost" dataDirectory="${activemq.base}/data">
        <plugins>
                <authorizationPlugin>
                  <map>
                        <ldapAuthorizationMap>
                          <options>
                                <property name="initialContextFactory" 
value="com.sun.jndi.ldap.LdapCtxFactory"/>
                                <property name="connectionURL" 
value="ldap://redacted"/>
                                <property name="authentication" 
value="simple"/>
                                <property name="connectionUsername" 
value="redacted"/>
                                <property name="connectionPassword" 
value="redacted"/>
                                <property name="connectionProtocol" 
value="s"/>
                                <property name="topicSearchMatching" 
value="uid={0},ou=topics,ou=destinations,o=ActiveMQ,redacted"/>
                                <property name="topicSearchSubtree" 
value="true"/>
                                <property name="queueSearchMatching" 
value="uid={0},ou=queues,ou=destinations,o=ActiveMQ,redacted"/>
                                <property name="queueSearchSubtree" 
value="true"/>
                                <property name="adminBase" 
value="(cn=admin)"/>
                                <property name="adminAttribute" 
value="uniqueMember"/>
                                <property name="readBase" 
value="(cn=read)"/>
                                <property name="readAttribute" 
value="uniqueMember"/>
                                <property name="writeBase" 
value="(cn=write)"/>
                                <property name="writeAttribute" 
value="uniqueMember"/>
                          </options>
                        </ldapAuthorizationMap>
                  </map>
                </authorizationPlugin>
        </plugins>


4. on startup I get this stack trace:

        ERROR: java.lang.RuntimeException: Failed to execute start task. 
Reason: org.springframework.beans.factory.BeanDefinitionStoreException: 
Unrecognized xbean element mapping: ldapAuthorizationMap in namespace 
http://activemq.apache.org/schema/core
        java.lang.RuntimeException: Failed to execute start task. 
Reason: org.springframework.beans.factory.BeanDefinitionStoreException: 
Unrecognized xbean element mapping: ldapAuthorizationMap in namespace 
http://activemq.apache.org/schema/core
                at 
org.apache.activemq.console.command.StartCommand.runTask(StartCommand.java:99)
                at 
org.apache.activemq.console.command.AbstractCommand.execute(AbstractCommand.java:51)
                at 
org.apache.activemq.console.command.ShellCommand.runTask(ShellCommand.java:104)
                at 
org.apache.activemq.console.command.AbstractCommand.execute(AbstractCommand.java:51)
                at 
org.apache.activemq.console.command.ShellCommand.main(ShellCommand.java:76)
                at sun.reflect.NativeMethodAccessorImpl.invoke0(Native 
Method)
                at 
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)


Perhaps I need to install another jar?

http://activemq.apache.org/initial-configuration.html

doesn't say anything about additional JAAS jars or ldap..

I'm sorry if this is a faq. I know nothing about spring, and little 
about java.

the example/conf/activemq.xml file is even simpler than the 
conf/activemq.xml file, so there's nothing there that's helpful.

I see mentions of needing a Jaas config, but I just can't seem to tie 
together all the steps needed to make it work.

Does anyone have a complete example of how to get ldap authentication to 
work?

Thanks


-- 
Brad Clements,                bkc@murkworks.com    (315)268-1000
http://www.murkworks.com                          
AOL-IM: BKClements


Mime
View raw message