activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dejan Bosanac" <de...@nighttale.net>
Subject Re: 5.2.0 JAAS Problem
Date Mon, 05 Jan 2009 14:58:41 GMT
Hi,
the default properties login module uses two files (users and groups), so I
guess that's why you are getting this exception. Try following the example
shown on the security page

http://activemq.apache.org/security.html#Security-Authentication


Regards
--
Dejan Bosanac

Open Source Integration - http://fusesource.com/
ActiveMQ in Action - http://www.manning.com/snyder/
Blog - http://www.nighttale.net


On Mon, Jan 5, 2009 at 3:41 PM, geezmo <mb@netmonic.com> wrote:

>
> No, not really. The tutorial I followed used this.  With
> org.apache.activemq.jaas.PropertiesLoginModule I had another error on
> authenticating for the web console. Something with "User not in required
> role." Maybe you know the reason for that. Do you have/know a working
> tutorial for 5.2.0 with requirements: username+password for broker and web
> console.
>
> cheer,
> Manuel
>
>
> Dejan Bosanac wrote:
> >
> > Is there any specific reason you are using
> > org.mortbay.jetty.plus.jaas.spi.PropertyFileLoginModule
> > instead of org.apache.activemq.jaas.PropertiesLoginModule?
> >
> > Cheers
> > --
> > Dejan Bosanac
> >
> > Open Source Integration - http://fusesource.com/
> > ActiveMQ in Action - http://www.manning.com/snyder/
> > Blog - http://www.nighttale.net
> >
> >
> > On Wed, Dec 31, 2008 at 2:54 PM, geezmo <mb@netmonic.com> wrote:
> >
> >>
> >> Hello,
> >>
> >> I try to configure JAAS to secure my broker and web console. Therefore I
> >> created login.config file with
> >>
> >> ActiveMQ {
> >>        org.mortbay.jetty.plus.jaas.spi.PropertyFileLoginModule required
> >>        debug="true"
> >>        file="/full/path/to/realm.properties";
> >> };
> >>
> >> and my realm properties looks like
> >>
> >> system: manager,admins
> >>
> >> Further I added
> >>
> >> <plugins>
> >>
> >>                        <jaasAuthenticationPlugin
> configuration="ActiveMQ"
> >> />
> >>
> >>                        <!--  lets configure a destination based
> >> authorization mechanism -->
> >>                        <authorizationPlugin>
> >>                                <map>
> >>                                        <authorizationMap>
> >>                                                <authorizationEntries>
> >>
> >> <authorizationEntry
> >> queue=">" read="admins"
> >>
> >>  write="admins" admin="admins" />
> >>
> >>
> >> <authorizationEntry
> >> topic=">" read="admins"
> >>
> >>  write="admins" admin="admins" />
> >>                                                </authorizationEntries>
> >>
> >>
> >>  <tempDestinationAuthorizationEntry>
> >>
> >>  <tempDestinationAuthorizationEntry
> >>
> >>  read="admins" write="admins" admin="admins" />
> >>
> >>  </tempDestinationAuthorizationEntry>
> >>                                        </authorizationMap>
> >>                                </map>
> >>                        </authorizationPlugin>
> >>                </plugins>
> >>
> >> to my broker.
> >>
> >> I already use my jaas config successfully to login to my web console
> with
> >> given credentials. But if I try to send a message to a queue I get the
> >> following error:
> >>
> >> DEBUG TransportConnection            - Setting up new connection:
> >> /127.0.0.1:35604
> >> WARN  TransportConnection            - Failed to add Connection
> >> java.lang.SecurityException: User name or password is invalid.
> >>        at
> >>
> >>
> org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:83)
> >>        at
> >>
> org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:82)
> >>        at
> >>
> >>
> org.apache.activemq.broker.MutableBrokerFilter.addConnection(MutableBrokerFilter.java:89)
> >>        at
> >>
> >>
> org.apache.activemq.broker.TransportConnection.processAddConnection(TransportConnection.java:679)
> >>        at
> >>
> >>
> org.apache.activemq.broker.jmx.ManagedTransportConnection.processAddConnection(ManagedTransportConnection.java:86)
> >>        at
> >>
> org.apache.activemq.command.ConnectionInfo.visit(ConnectionInfo.java:125)
> >>        at
> >>
> >>
> org.apache.activemq.broker.TransportConnection.service(TransportConnection.java:305)
> >>        at
> >>
> >>
> org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:179)
> >>        at
> >>
> >>
> org.apache.activemq.transport.TransportFilter.onCommand(TransportFilter.java:68)
> >>        at
> >>
> >>
> org.apache.activemq.transport.stomp.StompTransportFilter.sendToActiveMQ(StompTransportFilter.java:78)
> >>        at
> >>
> >>
> org.apache.activemq.transport.stomp.ProtocolConverter.sendToActiveMQ(ProtocolConverter.java:135)
> >>        at
> >>
> >>
> org.apache.activemq.transport.stomp.ProtocolConverter.onStompConnect(ProtocolConverter.java:475)
> >>        at
> >>
> >>
> org.apache.activemq.transport.stomp.ProtocolConverter.onStompCommad(ProtocolConverter.java:187)
> >>        at
> >>
> >>
> org.apache.activemq.transport.stomp.StompTransportFilter.onCommand(StompTransportFilter.java:67)
> >>        at
> >>
> >>
> org.apache.activemq.transport.TransportSupport.doConsume(TransportSupport.java:84)
> >>        at
> >>
> org.apache.activemq.transport.tcp.TcpTransport.doRun(TcpTransport.java:203)
> >>        at
> >>
> org.apache.activemq.transport.tcp.TcpTransport.run(TcpTransport.java:185)
> >>        at java.lang.Thread.run(Thread.java:619)
> >> Caused by: javax.security.auth.login.LoginException: Login Failure: all
> >> modules ignored
> >>        at
> >> javax.security.auth.login.LoginContext.invoke(LoginContext.java:921)
> >>        at
> >> javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
> >>        at
> >> javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
> >>        at java.security.AccessController.doPrivileged(Native Method)
> >>        at
> >> javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
> >>        at
> >> javax.security.auth.login.LoginContext.login(LoginContext.java:579)
> >>        at
> >>
> >>
> org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:76)
> >>        ... 17 more
> >> DEBUG Service                        - Error occured while processing
> >> sync
> >> command: java.lang.SecurityException: User name or password is invalid.
> >> java.lang.SecurityException: User name or password is invalid.
> >>        at
> >>
> >>
> org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:83)
> >>        at
> >>
> org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:82)
> >>        at
> >>
> >>
> org.apache.activemq.broker.MutableBrokerFilter.addConnection(MutableBrokerFilter.java:89)
> >>        at
> >>
> >>
> org.apache.activemq.broker.TransportConnection.processAddConnection(TransportConnection.java:679)
> >>        at
> >>
> >>
> org.apache.activemq.broker.jmx.ManagedTransportConnection.processAddConnection(ManagedTransportConnection.java:86)
> >>        at
> >>
> org.apache.activemq.command.ConnectionInfo.visit(ConnectionInfo.java:125)
> >>        at
> >>
> >>
> org.apache.activemq.broker.TransportConnection.service(TransportConnection.java:305)
> >>        at
> >>
> >>
> org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:179)
> >>        at
> >>
> >>
> org.apache.activemq.transport.TransportFilter.onCommand(TransportFilter.java:68)
> >>        at
> >>
> >>
> org.apache.activemq.transport.stomp.StompTransportFilter.sendToActiveMQ(StompTransportFilter.java:78)
> >>        at
> >>
> >>
> org.apache.activemq.transport.stomp.ProtocolConverter.sendToActiveMQ(ProtocolConverter.java:135)
> >>        at
> >>
> >>
> org.apache.activemq.transport.stomp.ProtocolConverter.onStompConnect(ProtocolConverter.java:475)
> >>        at
> >>
> >>
> org.apache.activemq.transport.stomp.ProtocolConverter.onStompCommad(ProtocolConverter.java:187)
> >>        at
> >>
> >>
> org.apache.activemq.transport.stomp.StompTransportFilter.onCommand(StompTransportFilter.java:67)
> >>        at
> >>
> >>
> org.apache.activemq.transport.TransportSupport.doConsume(TransportSupport.java:84)
> >>        at
> >>
> org.apache.activemq.transport.tcp.TcpTransport.doRun(TcpTransport.java:203)
> >>        at
> >>
> org.apache.activemq.transport.tcp.TcpTransport.run(TcpTransport.java:185)
> >>        at java.lang.Thread.run(Thread.java:619)
> >> Caused by: javax.security.auth.login.LoginException: Login Failure: all
> >> modules ignored
> >>        at
> >> javax.security.auth.login.LoginContext.invoke(LoginContext.java:921)
> >>        at
> >> javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
> >>        at
> >> javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
> >>        at java.security.AccessController.doPrivileged(Native Method)
> >>        at
> >> javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
> >>        at
> >> javax.security.auth.login.LoginContext.login(LoginContext.java:579)
> >>        at
> >>
> >>
> org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:76)
> >>        ... 17 more
> >> DEBUG Transport                      - Transport failed:
> >> java.io.IOException: User name or password is invalid.
> >> java.io.IOException: User name or password is invalid.
> >>        at
> >>
> >>
> org.apache.activemq.util.IOExceptionSupport.create(IOExceptionSupport.java:39)
> >>        at
> >>
> >>
> org.apache.activemq.transport.stomp.ProtocolConverter$2.onResponse(ProtocolConverter.java:482)
> >>        at
> >>
> >>
> org.apache.activemq.transport.stomp.ProtocolConverter.onActiveMQCommad(ProtocolConverter.java:551)
> >>        at
> >>
> >>
> org.apache.activemq.transport.stomp.StompTransportFilter.oneway(StompTransportFilter.java:56)
> >>        at
> >>
> org.apache.activemq.transport.MutexTransport.oneway(MutexTransport.java:40)
> >>        at
> >>
> >>
> org.apache.activemq.broker.TransportConnection.dispatch(TransportConnection.java:1207)
> >>        at
> >>
> >>
> org.apache.activemq.broker.TransportConnection.processDispatch(TransportConnection.java:793)
> >>        at
> >>
> >>
> org.apache.activemq.broker.TransportConnection.dispatchSync(TransportConnection.java:752)
> >>        at
> >>
> >>
> org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:181)
> >>        at
> >>
> >>
> org.apache.activemq.transport.TransportFilter.onCommand(TransportFilter.java:68)
> >>        at
> >>
> >>
> org.apache.activemq.transport.stomp.StompTransportFilter.sendToActiveMQ(StompTransportFilter.java:78)
> >>        at
> >>
> >>
> org.apache.activemq.transport.stomp.ProtocolConverter.sendToActiveMQ(ProtocolConverter.java:135)
> >>        at
> >>
> >>
> org.apache.activemq.transport.stomp.ProtocolConverter.onStompConnect(ProtocolConverter.java:475)
> >>        at
> >>
> >>
> org.apache.activemq.transport.stomp.ProtocolConverter.onStompCommad(ProtocolConverter.java:187)
> >>        at
> >>
> >>
> org.apache.activemq.transport.stomp.StompTransportFilter.onCommand(StompTransportFilter.java:67)
> >>        at
> >>
> >>
> org.apache.activemq.transport.TransportSupport.doConsume(TransportSupport.java:84)
> >>        at
> >>
> org.apache.activemq.transport.tcp.TcpTransport.doRun(TcpTransport.java:203)
> >>        at
> >>
> org.apache.activemq.transport.tcp.TcpTransport.run(TcpTransport.java:185)
> >>        at java.lang.Thread.run(Thread.java:619)
> >> Caused by: java.lang.SecurityException: User name or password is
> invalid.
> >>        at
> >>
> >>
> org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:83)
> >>        at
> >>
> org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:82)
> >>        at
> >>
> >>
> org.apache.activemq.broker.MutableBrokerFilter.addConnection(MutableBrokerFilter.java:89)
> >>        at
> >>
> >>
> org.apache.activemq.broker.TransportConnection.processAddConnection(TransportConnection.java:679)
> >>        at
> >>
> >>
> org.apache.activemq.broker.jmx.ManagedTransportConnection.processAddConnection(ManagedTransportConnection.java:86)
> >>        at
> >>
> org.apache.activemq.command.ConnectionInfo.visit(ConnectionInfo.java:125)
> >>        at
> >>
> >>
> org.apache.activemq.broker.TransportConnection.service(TransportConnection.java:305)
> >>        at
> >>
> >>
> org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:179)
> >>        ... 10 more
> >> Caused by: javax.security.auth.login.LoginException: Login Failure: all
> >> modules ignored
> >>        at
> >> javax.security.auth.login.LoginContext.invoke(LoginContext.java:921)
> >>        at
> >> javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
> >>        at
> >> javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
> >>        at java.security.AccessController.doPrivileged(Native Method)
> >>        at
> >> javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
> >>        at
> >> javax.security.auth.login.LoginContext.login(LoginContext.java:579)
> >>        at
> >>
> >>
> org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:76)
> >>        ... 17 more
> >> DEBUG TransportConnection            - Stopping connection: /
> >> 127.0.0.1:35604
> >> DEBUG TcpTransport                   - Stopping transport
> >> tcp:///127.0.0.1:35604
> >> DEBUG TransportConnection            - Stopped transport:
> >> /127.0.0.1:35604
> >> DEBUG TransportConnection            - Cleaning up connection resources:
> >> /127.0.0.1:35604
> >> WARN  Service                        - Failed to remove connection
> >> ConnectionInfo {commandId = 0, responseRequired = true, connectionId =
> >> ID:tank2-58514-1230731215437-2:0, clientId =
> >> ID:tank2-58514-1230731215437-2:0, userName = system, password = manager,
> >> brokerPath = null, brokerMasterConnector = false, manageable = false,
> >> clientMaster = true}
> >> java.lang.SecurityException: User is not authenticated.
> >>        at
> >>
> >>
> org.apache.activemq.security.AuthorizationBroker.addDestination(AuthorizationBroker.java:52)
> >>        at
> >>
> >>
> org.apache.activemq.broker.MutableBrokerFilter.addDestination(MutableBrokerFilter.java:149)
> >>        at
> >>
> org.apache.activemq.broker.region.RegionBroker.send(RegionBroker.java:417)
> >>        at
> >>
> >>
> org.apache.activemq.broker.TransactionBroker.send(TransactionBroker.java:224)
> >>        at
> >>
> >>
> org.apache.activemq.advisory.AdvisoryBroker.fireAdvisory(AdvisoryBroker.java:432)
> >>        at
> >>
> >>
> org.apache.activemq.advisory.AdvisoryBroker.fireAdvisory(AdvisoryBroker.java:362)
> >>        at
> >>
> >>
> org.apache.activemq.advisory.AdvisoryBroker.fireAdvisory(AdvisoryBroker.java:357)
> >>        at
> >>
> >>
> org.apache.activemq.advisory.AdvisoryBroker.removeConnection(AdvisoryBroker.java:217)
> >>        at
> >>
> >>
> org.apache.activemq.broker.BrokerFilter.removeConnection(BrokerFilter.java:110)
> >>        at
> >>
> >>
> org.apache.activemq.broker.BrokerFilter.removeConnection(BrokerFilter.java:110)
> >>        at
> >>
> >>
> org.apache.activemq.security.JaasAuthenticationBroker.removeConnection(JaasAuthenticationBroker.java:95)
> >>        at
> >>
> >>
> org.apache.activemq.broker.BrokerFilter.removeConnection(BrokerFilter.java:110)
> >>        at
> >>
> >>
> org.apache.activemq.broker.MutableBrokerFilter.removeConnection(MutableBrokerFilter.java:117)
> >>        at
> >>
> >>
> org.apache.activemq.broker.TransportConnection.processRemoveConnection(TransportConnection.java:721)
> >>        at
> >>
> >>
> org.apache.activemq.broker.TransportConnection.doStop(TransportConnection.java:1000)
> >>        at
> >>
> >>
> org.apache.activemq.broker.jmx.ManagedTransportConnection.doStop(ManagedTransportConnection.java:74)
> >>        at
> >>
> >>
> org.apache.activemq.broker.TransportConnection$3.run(TransportConnection.java:925)
> >> DEBUG TransportConnection            - Connection Stopped: /
> >> 127.0.0.1:35604
> >>
> >>
> >> Hope somone can help me =)
> >>
> >> kind regards,
> >> geezmo
> >> --
> >> View this message in context:
> >> http://www.nabble.com/5.2.0-JAAS-Problem-tp21231778p21231778.html
> >> Sent from the ActiveMQ - User mailing list archive at Nabble.com.
> >>
> >>
> >
> >
> > -----
> > Dejan Bosanac
> >
> >
> > http://www.ttmsolutions.com - get a free ActiveMQ user guide
> >
> > ActiveMQ in Action - http://www.manning.com/snyder/
> > Scripting in Java - http://www.scriptinginjava.net
> >
>
> --
> View this message in context:
> http://www.nabble.com/5.2.0-JAAS-Problem-tp21231778p21292173.html
> Sent from the ActiveMQ - User mailing list archive at Nabble.com.
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message