activemq-users mailing list archives

From Chris Robison <chrisdrobi...@gmail.com>
Subject Using LDAP login module
Date Wed, 01 Feb 2012 18:22:53 GMT
I'm trying to use the LDAP login module to tie into Active Directory.
Here's what my AMQ conf looks like:

<plugins>
<jaasAuthenticationPlugin configuration="ldap-login" />
<authorizationPlugin>
<map>
<authorizationMap>
<authorizationEntries>
<authorizationEntry queue=">" read="MQCoreAdmin" write="MQCoreAdmin"
admin="MQCoreAdmin" />
<authorizationEntry topic=">" read="MQCoreAdmin" write="MQCoreAdmin"
admin="MQCoreAdmin" />
</authorizationEntries>
</authorizationMap>
</map>
</authorizationPlugin>
</plugins>

Here is what the login.config looks like:

ldap-login {
  org.apache.activemq.jaas.LDAPLoginModule required
    debug=true
    initialContextFactory=com.sun.jndi.ldap.LdapCtxFactory
    connectionURL="ldap://dc101.cdr.corp"
    connectionUsername="CN=AMQ Service User,CN=Users,DC=cdr,DC=corp"
    connectionPassword=Password!
    connectionProtocol=""
    authentication=simple
    userBase="OU=Users,OU=ActiveMQ,DC=cdr,DC=corp"
    userSearchMatching="(samaccountname={0})"
    userSearchSubtree=false
    roleBase="OU=Groups,OU=ActiveMQ,DC=cdr,DC=corp"
    roleName=cn
    roleSearchMatching="(member={0})"
    roleSearchSubtree=false
    ;
};

I'm trying to simply connect another broker to this broker. Here is the
network connector config that I'm using on the second broker:

        <networkConnectors>
            <networkConnector uri="static:(tcp://localhost:61616)"
duplex="true" userName="mqsiteuser1" password="Password!"/>
        </networkConnectors>

Here's the exception I'm getting in the logs:

2012-02-01 11:14:07,064 | WARN  | Failed to add Connection
ID:ubuntu1-54051-1328120046405-2:1, reason: java.lang.SecurityException:
User name or password is invalid. |
org.apache.activemq.broker.TransportConnection | ActiveMQ Transport: tcp:///
127.0.0.1:45176
2012-02-01 11:14:07,070 | DEBUG | Exception detail: |
org.apache.activemq.broker.TransportConnection | ActiveMQ Transport: tcp:///
127.0.0.1:45176
java.lang.SecurityException: User name or password is invalid.
at
org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:83)
at
org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:85)
at
org.apache.activemq.broker.MutableBrokerFilter.addConnection(MutableBrokerFilter.java:91)
at
org.apache.activemq.broker.TransportConnection.processAddConnection(TransportConnection.java:692)
at org.apache.activemq.command.ConnectionInfo.visit(ConnectionInfo.java:137)
at
org.apache.activemq.broker.TransportConnection.service(TransportConnection.java:306)
at
org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:179)
at
org.apache.activemq.transport.ResponseCorrelator.onCommand(ResponseCorrelator.java:116)
at
org.apache.activemq.transport.TransportFilter.onCommand(TransportFilter.java:69)
at
org.apache.activemq.transport.vm.VMTransport.dispatch(VMTransport.java:121)
at org.apache.activemq.transport.vm.VMTransport.oneway(VMTransport.java:112)
at
org.apache.activemq.transport.MutexTransport.oneway(MutexTransport.java:40)
at
org.apache.activemq.transport.ResponseCorrelator.oneway(ResponseCorrelator.java:60)
at
org.apache.activemq.network.DemandForwardingBridgeSupport.serviceRemoteCommand(DemandForwardingBridgeSupport.java:516)
at
org.apache.activemq.network.DemandForwardingBridgeSupport$2.onCommand(DemandForwardingBridgeSupport.java:165)
at
org.apache.activemq.transport.ResponseCorrelator.onCommand(ResponseCorrelator.java:116)
at
org.apache.activemq.transport.TransportFilter.onCommand(TransportFilter.java:69)
at
org.apache.activemq.transport.WireFormatNegotiator.onCommand(WireFormatNegotiator.java:113)
at
org.apache.activemq.transport.InactivityMonitor.onCommand(InactivityMonitor.java:227)
at
org.apache.activemq.transport.TransportSupport.doConsume(TransportSupport.java:83)
at
org.apache.activemq.transport.tcp.TcpTransport.doRun(TcpTransport.java:220)
at org.apache.activemq.transport.tcp.TcpTransport.run(TcpTransport.java:202)
at java.lang.Thread.run(Thread.java:679)
Caused by: java.lang.SecurityException: Configuration Error:
Line 6: expected [option key], found [null]
at com.sun.security.auth.login.ConfigFile.<init>(ConfigFile.java:110)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at
sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
at
sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:532)
at java.lang.Class.newInstance0(Class.java:372)
at java.lang.Class.newInstance(Class.java:325)
at javax.security.auth.login.Configuration$3.run(Configuration.java:264)
at javax.security.auth.login.Configuration$3.run(Configuration.java:260)
at java.security.AccessController.doPrivileged(Native Method)
at
javax.security.auth.login.Configuration.getConfiguration(Configuration.java:259)
at javax.security.auth.login.LoginContext$1.run(LoginContext.java:254)
at javax.security.auth.login.LoginContext$1.run(LoginContext.java:252)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.init(LoginContext.java:251)
at javax.security.auth.login.LoginContext.<init>(LoginContext.java:418)
at
org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:75)
... 22 more
Caused by: java.io.IOException: Configuration Error:
Line 6: expected [option key], found [null]
at com.sun.security.auth.login.ConfigFile.match(ConfigFile.java:577)
at
com.sun.security.auth.login.ConfigFile.parseLoginEntry(ConfigFile.java:440)
at com.sun.security.auth.login.ConfigFile.readConfig(ConfigFile.java:383)
at com.sun.security.auth.login.ConfigFile.init(ConfigFile.java:283)
at com.sun.security.auth.login.ConfigFile.init(ConfigFile.java:219)
at com.sun.security.auth.login.ConfigFile.<init>(ConfigFile.java:108)
... 38 more

I'm not understanding the Configuration Error. What is it expecting that
I'm not giving it? Any help would be appreciated.

Thanks,
Chris
