activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Matt Pavlovich <mattr...@gmail.com>
Subject Re: Using LDAP login module
Date Wed, 01 Feb 2012 19:34:23 GMT
Chris-

Try adding "s" to the connectionProtocol value, so it'd read 
connectionProtocol="s".  I think that's for "simple", as in clear text 
password to auth against LDAP.

Matt

On 2/1/12 12:22 PM, Chris Robison wrote:
> I'm trying to use the LDAP login module to tie into Active Directory.
> Here's what my AMQ conf looks like:
>
> <plugins>
> <jaasAuthenticationPlugin configuration="ldap-login" />
> <authorizationPlugin>
> <map>
> <authorizationMap>
> <authorizationEntries>
> <authorizationEntry queue=">" read="MQCoreAdmin" write="MQCoreAdmin"
> admin="MQCoreAdmin" />
> <authorizationEntry topic=">" read="MQCoreAdmin" write="MQCoreAdmin"
> admin="MQCoreAdmin" />
> </authorizationEntries>
> </authorizationMap>
> </map>
> </authorizationPlugin>
> </plugins>
>
> Here is what the login.config looks like:
>
> ldap-login {
>    org.apache.activemq.jaas.LDAPLoginModule required
>      debug=true
>      initialContextFactory=com.sun.jndi.ldap.LdapCtxFactory
>      connectionURL="ldap://dc101.cdr.corp"
>      connectionUsername="CN=AMQ Service User,CN=Users,DC=cdr,DC=corp"
>      connectionPassword=Password!
>      connectionProtocol=""
>      authentication=simple
>      userBase="OU=Users,OU=ActiveMQ,DC=cdr,DC=corp"
>      userSearchMatching="(samaccountname={0})"
>      userSearchSubtree=false
>      roleBase="OU=Groups,OU=ActiveMQ,DC=cdr,DC=corp"
>      roleName=cn
>      roleSearchMatching="(member={0})"
>      roleSearchSubtree=false
>      ;
> };
>
> I'm trying to simply connect another broker to this broker. Here is the
> network connector config that I'm using on the second broker:
>
>          <networkConnectors>
>              <networkConnector uri="static:(tcp://localhost:61616)"
> duplex="true" userName="mqsiteuser1" password="Password!"/>
>          </networkConnectors>
>
> Here's the exception I'm getting in the logs:
>
> 2012-02-01 11:14:07,064 | WARN  | Failed to add Connection
> ID:ubuntu1-54051-1328120046405-2:1, reason: java.lang.SecurityException:
> User name or password is invalid. |
> org.apache.activemq.broker.TransportConnection | ActiveMQ Transport: tcp:///
> 127.0.0.1:45176
> 2012-02-01 11:14:07,070 | DEBUG | Exception detail: |
> org.apache.activemq.broker.TransportConnection | ActiveMQ Transport: tcp:///
> 127.0.0.1:45176
> java.lang.SecurityException: User name or password is invalid.
> at
> org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:83)
> at
> org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:85)
> at
> org.apache.activemq.broker.MutableBrokerFilter.addConnection(MutableBrokerFilter.java:91)
> at
> org.apache.activemq.broker.TransportConnection.processAddConnection(TransportConnection.java:692)
> at org.apache.activemq.command.ConnectionInfo.visit(ConnectionInfo.java:137)
> at
> org.apache.activemq.broker.TransportConnection.service(TransportConnection.java:306)
> at
> org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:179)
> at
> org.apache.activemq.transport.ResponseCorrelator.onCommand(ResponseCorrelator.java:116)
> at
> org.apache.activemq.transport.TransportFilter.onCommand(TransportFilter.java:69)
> at
> org.apache.activemq.transport.vm.VMTransport.dispatch(VMTransport.java:121)
> at org.apache.activemq.transport.vm.VMTransport.oneway(VMTransport.java:112)
> at
> org.apache.activemq.transport.MutexTransport.oneway(MutexTransport.java:40)
> at
> org.apache.activemq.transport.ResponseCorrelator.oneway(ResponseCorrelator.java:60)
> at
> org.apache.activemq.network.DemandForwardingBridgeSupport.serviceRemoteCommand(DemandForwardingBridgeSupport.java:516)
> at
> org.apache.activemq.network.DemandForwardingBridgeSupport$2.onCommand(DemandForwardingBridgeSupport.java:165)
> at
> org.apache.activemq.transport.ResponseCorrelator.onCommand(ResponseCorrelator.java:116)
> at
> org.apache.activemq.transport.TransportFilter.onCommand(TransportFilter.java:69)
> at
> org.apache.activemq.transport.WireFormatNegotiator.onCommand(WireFormatNegotiator.java:113)
> at
> org.apache.activemq.transport.InactivityMonitor.onCommand(InactivityMonitor.java:227)
> at
> org.apache.activemq.transport.TransportSupport.doConsume(TransportSupport.java:83)
> at
> org.apache.activemq.transport.tcp.TcpTransport.doRun(TcpTransport.java:220)
> at org.apache.activemq.transport.tcp.TcpTransport.run(TcpTransport.java:202)
> at java.lang.Thread.run(Thread.java:679)
> Caused by: java.lang.SecurityException: Configuration Error:
> Line 6: expected [option key], found [null]
> at com.sun.security.auth.login.ConfigFile.<init>(ConfigFile.java:110)
> at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
> at
> sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
> at
> sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
> at java.lang.reflect.Constructor.newInstance(Constructor.java:532)
> at java.lang.Class.newInstance0(Class.java:372)
> at java.lang.Class.newInstance(Class.java:325)
> at javax.security.auth.login.Configuration$3.run(Configuration.java:264)
> at javax.security.auth.login.Configuration$3.run(Configuration.java:260)
> at java.security.AccessController.doPrivileged(Native Method)
> at
> javax.security.auth.login.Configuration.getConfiguration(Configuration.java:259)
> at javax.security.auth.login.LoginContext$1.run(LoginContext.java:254)
> at javax.security.auth.login.LoginContext$1.run(LoginContext.java:252)
> at java.security.AccessController.doPrivileged(Native Method)
> at javax.security.auth.login.LoginContext.init(LoginContext.java:251)
> at javax.security.auth.login.LoginContext.<init>(LoginContext.java:418)
> at
> org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:75)
> ... 22 more
> Caused by: java.io.IOException: Configuration Error:
> Line 6: expected [option key], found [null]
> at com.sun.security.auth.login.ConfigFile.match(ConfigFile.java:577)
> at
> com.sun.security.auth.login.ConfigFile.parseLoginEntry(ConfigFile.java:440)
> at com.sun.security.auth.login.ConfigFile.readConfig(ConfigFile.java:383)
> at com.sun.security.auth.login.ConfigFile.init(ConfigFile.java:283)
> at com.sun.security.auth.login.ConfigFile.init(ConfigFile.java:219)
> at com.sun.security.auth.login.ConfigFile.<init>(ConfigFile.java:108)
> ... 38 more
>
> I'm not understanding the Configuration Error. What is it expecting that
> I'm not giving it? Any help would be appreciated.
>
> Thanks,
> Chris
>

Mime
View raw message