Return-Path: 
 <users-return-31061-apmail-activemq-users-archive=activemq.apache.org@activemq.apache.org>
X-Original-To: apmail-activemq-users-archive@www.apache.org
Delivered-To: apmail-activemq-users-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 89F3AC40A
	for <apmail-activemq-users-archive@www.apache.org>;
 Mon, 11 Jun 2012 15:08:17 +0000 (UTC)
Received: (qmail 32869 invoked by uid 500); 11 Jun 2012 15:08:17 -0000
Delivered-To: apmail-activemq-users-archive@activemq.apache.org
Received: (qmail 32833 invoked by uid 500); 11 Jun 2012 15:08:17 -0000
Mailing-List: contact users-help@activemq.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:users-help@activemq.apache.org>
List-Unsubscribe: <mailto:users-unsubscribe@activemq.apache.org>
List-Post: <mailto:users@activemq.apache.org>
List-Id: <users.activemq.apache.org>
Reply-To: users@activemq.apache.org
Delivered-To: mailing list users@activemq.apache.org
Received: (qmail 32825 invoked by uid 99); 11 Jun 2012 15:08:17 -0000
Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230)
    by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 11 Jun 2012 15:08:17 +0000
X-ASF-Spam-Status: No, hits=1.3 required=5.0
	tests=RCVD_IN_DNSWL_NONE,SPF_PASS,URI_HEX
X-Spam-Check-By: apache.org
Received-SPF: pass (nike.apache.org: domain of christopher_wood@pobox.com
 designates 74.115.168.62 as permitted sender)
Received: from [74.115.168.62] (HELO sasl.smtp.pobox.com) (74.115.168.62)
    by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 11 Jun 2012 15:08:10 +0000
Received: from sasl.smtp.pobox.com (unknown [127.0.0.1])
	by a-pb-sasl-sd.pobox.com (Postfix) with ESMTP id 34754A450
	for <users@activemq.apache.org>; Mon, 11 Jun 2012 11:07:48 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=pobox.com; h=date:from:to
	:subject:message-id:references:mime-version:content-type
	:in-reply-to; s=sasl; bh=4x8N8pkztjMLeeqTwJqagmDDY3A=; b=rQVWf+M
	mEMo1Da5EWAli3DMVdLJswjRQssEeSezwA0vlXDrZGYXpeTrW260g2zh7M5vOHYP
	vmCSScoAf4jvZnXmAFIYQCxzN1x8FklnMxSjD1QWE/BLRYYl7ckSW6ziwrSaCE6o
	QhmU3fZaMuMVWrfDgvss67g5LXQjnaW+SsZk=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=pobox.com; h=date:from:to
	:subject:message-id:references:mime-version:content-type
	:in-reply-to; q=dns; s=sasl; b=wW/ARzbGvl0kmaRbunvYRYTPf/WQ1AF7T
	qO0mKcdVqy3wL2DSeNbyt3c2HR965gT1CJ4w6NY64/NMXL0QwrtGY0zD4cwEwtdD
	azTa98N6CKSSU+BTzvWxER7XGA/OMhFpEN1LOg9IjmMkX7Y+CaKV5WSALd6Yg+z1
	qEW4ILM66I=
Received: from a-pb-sasl-sd.pobox.com (unknown [127.0.0.1])
	by a-pb-sasl-sd.pobox.com (Postfix) with ESMTP id 153BAA44F
	for <users@activemq.apache.org>; Mon, 11 Jun 2012 11:07:48 -0400 (EDT)
Received: from localhost (unknown [64.56.236.72]) (using TLSv1 with cipher
 DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by
 a-pb-sasl-sd.pobox.com (Postfix) with ESMTPSA id 749FAA44D for
 <users@activemq.apache.org>; Mon, 11 Jun 2012 11:07:47 -0400 (EDT)
Date: Mon, 11 Jun 2012 11:07:46 -0400
From: Christopher Wood <christopher_wood@pobox.com>
To: users@activemq.apache.org
Subject: Re: ActiveMQ 5 - Specifying a broker's destinations in an external
 file
Message-ID: <20120611150746.GA22822@iniquitous.heresiarch.ca>
References: <1339424803016-4653166.post@n4.nabble.com>
 <20120611143921.GA22765@iniquitous.heresiarch.ca>
 <1339426815415-4653170.post@n4.nabble.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <1339426815415-4653170.post@n4.nabble.com>
User-Agent: Mutt/1.5.20 (2009-06-14)
X-Pobox-Relay-ID: 
 34504C34-B3D7-11E1-A8C0-8DF2579FE65A-08853527!a-pb-sasl-sd.pobox.com

I cribbed from here:

http://activemq.apache.org/security.html#Security-LDAPAuthenticationUsingtheJAASPlugin

And my login.config file looks like this:

LdapConfiguration { 
   org.apache.activemq.jaas.LDAPLoginModule required 
       debug=true 
       initialContextFactory=com.sun.jndi.ldap.LdapCtxFactory 
       connectionURL="ldap://ldap-lab.my.com:389" 
       connectionUsername="cn=mqbroker,ou=services,o=my" 
       connectionPassword=password
       connectionProtocol=s 
       authentication=simple 
       userBase="ou=User,ou=ActiveMQ,ou=systems,o=my" 
       userRoleName=dummyUserRoleName 
       userSearchMatching="(uid={0})" 
       userSearchSubtree=false 
       roleBase="ou=Group,ou=ActiveMQ,ou=systems,o=my" 
       roleName=cn 
       roleSearchMatching="(member:=uid={1})" 
       roleSearchSubtree=true 
       ; 
};


On Mon, Jun 11, 2012 at 08:00:15AM -0700, ndipiazza wrote:
> Christopher,
> 
> Thanks for shedding some light on this with this suggestion. So I'm
> unfortunately not super familiar with this plug-in. So in your case
> "LdapConfiguration" maps back to a configuration in activemq where
> destinations are configured to be looked up from your LDAP server? 
> 
> If you don't mind, can you please show me what the LdapConfiguration element
> looks like for your usage? That would be extremely helpful. 
> 
> -Nicholas 
> 
> --
> View this message in context: http://activemq.2283324.n4.nabble.com/ActiveMQ-5-Specifying-a-broker-s-destinations-in-an-external-file-tp4653166p4653170.html
> Sent from the ActiveMQ - User mailing list archive at Nabble.com.
>