activemq-users mailing list archives

From Rob Coward <...@jive-videos.net>
Subject Broker-to-broker Authentication with LDAP Broker Discovery
Date Mon, 10 Dec 2012 15:07:31 GMT
Hi all,
Does anyone use LDAP broker discovery with broker authentication?
Having worked out that the LDAP discovery simply will not work if I have 
useJMX="true" in the broker config, I now have it querying my LDAP 
directory for brokers, but since I have authentication enabled on my 
brokers, the connection is failing as it doesn't appear to be picking up 
and passing through the broker credentials.

According to http://activemq.apache.org/security.html you just add 
userName and password attributes to the networkConnector, and 
http://activemq.apache.org/ldap-broker-discovery-mechanism.html states:
*Other Properties*
All of the properties defined in Networks of Brokers 
<http://activemq.apache.org/networks-of-brokers.html> are also available 
to the ldapNetworkConnector. Any of the properties defined for a normal 
networkConnector will be used as connection parameters to any discovered 
brokers matching the search criteria.

However when I use the following config, it seems that userName and 
password attributes are not passed to authenticate the connection:

    <ldapNetworkConnector
        uri="failover:(ldap://ldap1:389,ldap://ldap2:389)"
        base="ou=Office,ou=Brokers,ou=ActiveMQ,ou=Systems,dc=myorg,dc=net"
        searchFilter="(cn=*)"
        userName="activemq"
        user="cn=activemq,ou=Systems,dc=myorg,dc=net"
        password="Secret"
        searchScope="SUBTREE_SCOPE"
        prefetchSize="1"
    />

And the errors from the console are:

DEBUG | Using min of local: WireFormatInfo { version=9, 
properties={MaxFrameSize=9223372036854775807, CacheSize=1024, 
CacheEnabled=true, SizePrefixDisabled=false, 
MaxInactivityDurationInitalDelay=10000, TcpNoDelayEnabled=true, 
MaxInactivityDuration=30000, TightEncodingEnabled=true, 
StackTraceEnabled=true}, magic=[A,c,t,i,v,e,M,Q]} and remote: 
WireFormatInfo { version=7, properties={CacheSize=1024, 
CacheEnabled=true, SizePrefixDisabled=false, 
MaxInactivityDurationInitalDelay=10000, TcpNoDelayEnabled=true, 
MaxInactivityDuration=30000, TightEncodingEnabled=true, 
StackTraceEnabled=true}, magic=[A,c,t,i,v,e,M,Q]}
DEBUG | Received WireFormat: WireFormatInfo { version=7, 
properties={CacheSize=1024, CacheEnabled=true, SizePrefixDisabled=false, 
MaxInactivityDurationInitalDelay=10000, TcpNoDelayEnabled=true, 
MaxInactivityDuration=30000, TightEncodingEnabled=true, 
StackTraceEnabled=true}, magic=[A,c,t,i,v,e,M,Q]}
DEBUG | tcp:///192.168.107.104:61616@41924 before negotiation: 
OpenWireFormat{version=9, cacheEnabled=false, stackTraceEnabled=false, 
tightEncodingEnabled=false, sizePrefixDisabled=false, 
maxFrameSize=9223372036854775807}
DEBUG | tcp:///192.168.107.104:61616@41924 after negotiation: 
OpenWireFormat{version=7, cacheEnabled=true, stackTraceEnabled=true, 
tightEncodingEnabled=true, sizePrefixDisabled=false, 
maxFrameSize=9223372036854775807}
DEBUG | broker1.office.myorg.net addBroker:broker2.office.myorg.net 
brokerInfo size : 1
DEBUG | servletNameMap={jsp=jsp, default=default}
DEBUG | Initialized TaskRunnerFactory[ActiveMQ VMTransport: 
vm://broker1.office.myorg.net#3] using ExecutorService: null
DEBUG | Setting up new connection id: 
ID:broker1.office.myorg.net-33320-1355151115534-6:1, address: 
vm://broker1.office.myorg.net#2, info: ConnectionInfo {commandId = 2, 
responseRequired = true, connectionId = 
ID:broker1.office.myorg.net-33320-1355151115534-6:1, clientId = 
NC_broker2.office.myorg.net_inbound_broker1.office.myorg.net, clientIp = 
null, userName = null, password = *****, brokerPath = null, 
brokerMasterConnector = false, manageable = false, clientMaster = true, 
faultTolerant = false, failoverReconnect = false}
  WARN | Failed to add Connection 
ID:broker1.office.myorg.net-33320-1355151115534-6:1, reason: 
java.lang.SecurityException: User name [null] or password is invalid.

Can anyone give me any pointers on how to get broker authentication to work 
with LDAP discovery, please?

Thanks in advance
Rob
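
Added example, not part of the original message and not ActiveMQ code: a log check that re-joins hard-wrapped console entries like the ones above and pairs each "Failed to add Connection ... SecurityException" warning with the ConnectionInfo entry for the same connection id, so a bridge that presents userName = null stands out. Treating a clientId that starts with NC_ as a network-connector bridge is an assumption taken from the log above; the sample input is constructed, with shortened ids.

```python
import re

# A console entry starts with "LEVEL | "; every other line is a wrapped continuation.
ENTRY_START = re.compile(r"^(TRACE|DEBUG|INFO|WARN|ERROR|FATAL) \| ")
FAILED = re.compile(r"Failed to add Connection (\S+), reason: ([\w.]*SecurityException): (.*)")

# Constructed sample, modelled on the console output in the message (ids shortened).
SAMPLE_LOG = """\
DEBUG | Setting up new connection id: ID:broker1-33320-6:1, info:
ConnectionInfo {commandId = 2, connectionId = ID:broker1-33320-6:1, clientId =
NC_broker2_inbound_broker1, clientIp = null, userName = null, password = *****}
 WARN | Failed to add Connection ID:broker1-33320-6:1, reason:
java.lang.SecurityException: User name [null] or password is invalid.
"""

def unwrap(log_text):
    """Join hard-wrapped lines back into one string per log entry."""
    entries = []
    for line in (l.strip() for l in log_text.splitlines()):
        if line and (ENTRY_START.match(line) or not entries):
            entries.append(line)
        elif line:
            entries[-1] += " " + line
    return entries

def field(entry, name):
    """Return the value of 'name = value' inside a ConnectionInfo dump, or None."""
    m = re.search(r"\b{} = ([^,}}]+)".format(re.escape(name)), entry)
    return m.group(1).strip() if m else None

def find_auth_failures(log_text):
    """Pair each SecurityException warning with the ConnectionInfo it refers to."""
    seen, failures = {}, []
    for entry in unwrap(log_text):
        if "ConnectionInfo {" in entry:
            seen[field(entry, "connectionId")] = entry
        elif (m := FAILED.search(entry)):
            info = seen.get(m.group(1), "")
            client_id = field(info, "clientId")
            failures.append({
                "connection_id": m.group(1), "client_id": client_id,
                "user_name": field(info, "userName"),  # logged literally as "null"
                # Assumption: an NC_ prefix marks a network-connector bridge.
                "network_connector": bool(client_id and client_id.startswith("NC_")),
                "reason": m.group(3)})
    return failures

if __name__ == "__main__":
    print(find_auth_failures(SAMPLE_LOG))
```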
