activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dejan Bosanac" <de...@nighttale.net>
Subject Re: 5.2.0 JAAS Problem
Date Mon, 05 Jan 2009 12:59:19 GMT
Is there any specific reason you are using
org.mortbay.jetty.plus.jaas.spi.PropertyFileLoginModule
instead of org.apache.activemq.jaas.PropertiesLoginModule?

Cheers
--
Dejan Bosanac

Open Source Integration - http://fusesource.com/
ActiveMQ in Action - http://www.manning.com/snyder/
Blog - http://www.nighttale.net


On Wed, Dec 31, 2008 at 2:54 PM, geezmo <mb@netmonic.com> wrote:

>
> Hello,
>
> I try to configure JAAS to secure my broker and web console. Therefore I
> created login.config file with
>
> ActiveMQ {
>        org.mortbay.jetty.plus.jaas.spi.PropertyFileLoginModule required
>        debug="true"
>        file="/full/path/to/realm.properties";
> };
>
> and my realm properties looks like
>
> system: manager,admins
>
> Further I added
>
> <plugins>
>
>                        <jaasAuthenticationPlugin configuration="ActiveMQ"
> />
>
>                        <!--  lets configure a destination based
> authorization mechanism -->
>                        <authorizationPlugin>
>                                <map>
>                                        <authorizationMap>
>                                                <authorizationEntries>
>                                                        <authorizationEntry
> queue=">" read="admins"
>
>  write="admins" admin="admins" />
>
>                                                        <authorizationEntry
> topic=">" read="admins"
>
>  write="admins" admin="admins" />
>                                                </authorizationEntries>
>
>
>  <tempDestinationAuthorizationEntry>
>
>  <tempDestinationAuthorizationEntry
>
>  read="admins" write="admins" admin="admins" />
>
>  </tempDestinationAuthorizationEntry>
>                                        </authorizationMap>
>                                </map>
>                        </authorizationPlugin>
>                </plugins>
>
> to my broker.
>
> I already use my jaas config successfully to login to my web console with
> given credentials. But if I try to send a message to a queue I get the
> following error:
>
> DEBUG TransportConnection            - Setting up new connection:
> /127.0.0.1:35604
> WARN  TransportConnection            - Failed to add Connection
> java.lang.SecurityException: User name or password is invalid.
>        at
>
> org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:83)
>        at
> org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:82)
>        at
>
> org.apache.activemq.broker.MutableBrokerFilter.addConnection(MutableBrokerFilter.java:89)
>        at
>
> org.apache.activemq.broker.TransportConnection.processAddConnection(TransportConnection.java:679)
>        at
>
> org.apache.activemq.broker.jmx.ManagedTransportConnection.processAddConnection(ManagedTransportConnection.java:86)
>        at
> org.apache.activemq.command.ConnectionInfo.visit(ConnectionInfo.java:125)
>        at
>
> org.apache.activemq.broker.TransportConnection.service(TransportConnection.java:305)
>        at
>
> org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:179)
>        at
>
> org.apache.activemq.transport.TransportFilter.onCommand(TransportFilter.java:68)
>        at
>
> org.apache.activemq.transport.stomp.StompTransportFilter.sendToActiveMQ(StompTransportFilter.java:78)
>        at
>
> org.apache.activemq.transport.stomp.ProtocolConverter.sendToActiveMQ(ProtocolConverter.java:135)
>        at
>
> org.apache.activemq.transport.stomp.ProtocolConverter.onStompConnect(ProtocolConverter.java:475)
>        at
>
> org.apache.activemq.transport.stomp.ProtocolConverter.onStompCommad(ProtocolConverter.java:187)
>        at
>
> org.apache.activemq.transport.stomp.StompTransportFilter.onCommand(StompTransportFilter.java:67)
>        at
>
> org.apache.activemq.transport.TransportSupport.doConsume(TransportSupport.java:84)
>        at
> org.apache.activemq.transport.tcp.TcpTransport.doRun(TcpTransport.java:203)
>        at
> org.apache.activemq.transport.tcp.TcpTransport.run(TcpTransport.java:185)
>        at java.lang.Thread.run(Thread.java:619)
> Caused by: javax.security.auth.login.LoginException: Login Failure: all
> modules ignored
>        at
> javax.security.auth.login.LoginContext.invoke(LoginContext.java:921)
>        at
> javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
>        at
> javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
>        at java.security.AccessController.doPrivileged(Native Method)
>        at
> javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
>        at
> javax.security.auth.login.LoginContext.login(LoginContext.java:579)
>        at
>
> org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:76)
>        ... 17 more
> DEBUG Service                        - Error occured while processing sync
> command: java.lang.SecurityException: User name or password is invalid.
> java.lang.SecurityException: User name or password is invalid.
>        at
>
> org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:83)
>        at
> org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:82)
>        at
>
> org.apache.activemq.broker.MutableBrokerFilter.addConnection(MutableBrokerFilter.java:89)
>        at
>
> org.apache.activemq.broker.TransportConnection.processAddConnection(TransportConnection.java:679)
>        at
>
> org.apache.activemq.broker.jmx.ManagedTransportConnection.processAddConnection(ManagedTransportConnection.java:86)
>        at
> org.apache.activemq.command.ConnectionInfo.visit(ConnectionInfo.java:125)
>        at
>
> org.apache.activemq.broker.TransportConnection.service(TransportConnection.java:305)
>        at
>
> org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:179)
>        at
>
> org.apache.activemq.transport.TransportFilter.onCommand(TransportFilter.java:68)
>        at
>
> org.apache.activemq.transport.stomp.StompTransportFilter.sendToActiveMQ(StompTransportFilter.java:78)
>        at
>
> org.apache.activemq.transport.stomp.ProtocolConverter.sendToActiveMQ(ProtocolConverter.java:135)
>        at
>
> org.apache.activemq.transport.stomp.ProtocolConverter.onStompConnect(ProtocolConverter.java:475)
>        at
>
> org.apache.activemq.transport.stomp.ProtocolConverter.onStompCommad(ProtocolConverter.java:187)
>        at
>
> org.apache.activemq.transport.stomp.StompTransportFilter.onCommand(StompTransportFilter.java:67)
>        at
>
> org.apache.activemq.transport.TransportSupport.doConsume(TransportSupport.java:84)
>        at
> org.apache.activemq.transport.tcp.TcpTransport.doRun(TcpTransport.java:203)
>        at
> org.apache.activemq.transport.tcp.TcpTransport.run(TcpTransport.java:185)
>        at java.lang.Thread.run(Thread.java:619)
> Caused by: javax.security.auth.login.LoginException: Login Failure: all
> modules ignored
>        at
> javax.security.auth.login.LoginContext.invoke(LoginContext.java:921)
>        at
> javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
>        at
> javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
>        at java.security.AccessController.doPrivileged(Native Method)
>        at
> javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
>        at
> javax.security.auth.login.LoginContext.login(LoginContext.java:579)
>        at
>
> org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:76)
>        ... 17 more
> DEBUG Transport                      - Transport failed:
> java.io.IOException: User name or password is invalid.
> java.io.IOException: User name or password is invalid.
>        at
>
> org.apache.activemq.util.IOExceptionSupport.create(IOExceptionSupport.java:39)
>        at
>
> org.apache.activemq.transport.stomp.ProtocolConverter$2.onResponse(ProtocolConverter.java:482)
>        at
>
> org.apache.activemq.transport.stomp.ProtocolConverter.onActiveMQCommad(ProtocolConverter.java:551)
>        at
>
> org.apache.activemq.transport.stomp.StompTransportFilter.oneway(StompTransportFilter.java:56)
>        at
> org.apache.activemq.transport.MutexTransport.oneway(MutexTransport.java:40)
>        at
>
> org.apache.activemq.broker.TransportConnection.dispatch(TransportConnection.java:1207)
>        at
>
> org.apache.activemq.broker.TransportConnection.processDispatch(TransportConnection.java:793)
>        at
>
> org.apache.activemq.broker.TransportConnection.dispatchSync(TransportConnection.java:752)
>        at
>
> org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:181)
>        at
>
> org.apache.activemq.transport.TransportFilter.onCommand(TransportFilter.java:68)
>        at
>
> org.apache.activemq.transport.stomp.StompTransportFilter.sendToActiveMQ(StompTransportFilter.java:78)
>        at
>
> org.apache.activemq.transport.stomp.ProtocolConverter.sendToActiveMQ(ProtocolConverter.java:135)
>        at
>
> org.apache.activemq.transport.stomp.ProtocolConverter.onStompConnect(ProtocolConverter.java:475)
>        at
>
> org.apache.activemq.transport.stomp.ProtocolConverter.onStompCommad(ProtocolConverter.java:187)
>        at
>
> org.apache.activemq.transport.stomp.StompTransportFilter.onCommand(StompTransportFilter.java:67)
>        at
>
> org.apache.activemq.transport.TransportSupport.doConsume(TransportSupport.java:84)
>        at
> org.apache.activemq.transport.tcp.TcpTransport.doRun(TcpTransport.java:203)
>        at
> org.apache.activemq.transport.tcp.TcpTransport.run(TcpTransport.java:185)
>        at java.lang.Thread.run(Thread.java:619)
> Caused by: java.lang.SecurityException: User name or password is invalid.
>        at
>
> org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:83)
>        at
> org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:82)
>        at
>
> org.apache.activemq.broker.MutableBrokerFilter.addConnection(MutableBrokerFilter.java:89)
>        at
>
> org.apache.activemq.broker.TransportConnection.processAddConnection(TransportConnection.java:679)
>        at
>
> org.apache.activemq.broker.jmx.ManagedTransportConnection.processAddConnection(ManagedTransportConnection.java:86)
>        at
> org.apache.activemq.command.ConnectionInfo.visit(ConnectionInfo.java:125)
>        at
>
> org.apache.activemq.broker.TransportConnection.service(TransportConnection.java:305)
>        at
>
> org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:179)
>        ... 10 more
> Caused by: javax.security.auth.login.LoginException: Login Failure: all
> modules ignored
>        at
> javax.security.auth.login.LoginContext.invoke(LoginContext.java:921)
>        at
> javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
>        at
> javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
>        at java.security.AccessController.doPrivileged(Native Method)
>        at
> javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
>        at
> javax.security.auth.login.LoginContext.login(LoginContext.java:579)
>        at
>
> org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:76)
>        ... 17 more
> DEBUG TransportConnection            - Stopping connection: /
> 127.0.0.1:35604
> DEBUG TcpTransport                   - Stopping transport
> tcp:///127.0.0.1:35604
> DEBUG TransportConnection            - Stopped transport: /127.0.0.1:35604
> DEBUG TransportConnection            - Cleaning up connection resources:
> /127.0.0.1:35604
> WARN  Service                        - Failed to remove connection
> ConnectionInfo {commandId = 0, responseRequired = true, connectionId =
> ID:tank2-58514-1230731215437-2:0, clientId =
> ID:tank2-58514-1230731215437-2:0, userName = system, password = manager,
> brokerPath = null, brokerMasterConnector = false, manageable = false,
> clientMaster = true}
> java.lang.SecurityException: User is not authenticated.
>        at
>
> org.apache.activemq.security.AuthorizationBroker.addDestination(AuthorizationBroker.java:52)
>        at
>
> org.apache.activemq.broker.MutableBrokerFilter.addDestination(MutableBrokerFilter.java:149)
>        at
> org.apache.activemq.broker.region.RegionBroker.send(RegionBroker.java:417)
>        at
>
> org.apache.activemq.broker.TransactionBroker.send(TransactionBroker.java:224)
>        at
>
> org.apache.activemq.advisory.AdvisoryBroker.fireAdvisory(AdvisoryBroker.java:432)
>        at
>
> org.apache.activemq.advisory.AdvisoryBroker.fireAdvisory(AdvisoryBroker.java:362)
>        at
>
> org.apache.activemq.advisory.AdvisoryBroker.fireAdvisory(AdvisoryBroker.java:357)
>        at
>
> org.apache.activemq.advisory.AdvisoryBroker.removeConnection(AdvisoryBroker.java:217)
>        at
>
> org.apache.activemq.broker.BrokerFilter.removeConnection(BrokerFilter.java:110)
>        at
>
> org.apache.activemq.broker.BrokerFilter.removeConnection(BrokerFilter.java:110)
>        at
>
> org.apache.activemq.security.JaasAuthenticationBroker.removeConnection(JaasAuthenticationBroker.java:95)
>        at
>
> org.apache.activemq.broker.BrokerFilter.removeConnection(BrokerFilter.java:110)
>        at
>
> org.apache.activemq.broker.MutableBrokerFilter.removeConnection(MutableBrokerFilter.java:117)
>        at
>
> org.apache.activemq.broker.TransportConnection.processRemoveConnection(TransportConnection.java:721)
>        at
>
> org.apache.activemq.broker.TransportConnection.doStop(TransportConnection.java:1000)
>        at
>
> org.apache.activemq.broker.jmx.ManagedTransportConnection.doStop(ManagedTransportConnection.java:74)
>        at
>
> org.apache.activemq.broker.TransportConnection$3.run(TransportConnection.java:925)
> DEBUG TransportConnection            - Connection Stopped: /
> 127.0.0.1:35604
>
>
> Hope somone can help me =)
>
> kind regards,
> geezmo
> --
> View this message in context:
> http://www.nabble.com/5.2.0-JAAS-Problem-tp21231778p21231778.html
> Sent from the ActiveMQ - User mailing list archive at Nabble.com.
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message