activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Robbie Gemmell <robbie.gemm...@gmail.com>
Subject Re: [Artemis, Qpid JMS] Connection limit
Date Tue, 17 May 2016 09:53:00 GMT
On 16 May 2016 at 13:37, Vavricka <vavricka.tomas@gmail.com> wrote:
> It is probably linked to allowed Anonymous access. It looks like that user is
> ignored and Anonymous acces is used. And there is no limit for anonymous
> user.
>
> DEBUG org.apache.qpid.jms.sasl.SaslMechanismFinder - Skipping SASL-PLAIN
> mechanism because the available credentials are not sufficient
> INFO org.apache.qpid.jms.sasl.SaslMechanismFinder - Best match for SASL auth
> was: SASL-ANONYMOUS
>
> When I disable Anonymous access, I can connect at all.
>
>  It looks like PLAIN SASL mechanism was ignored because of missing
> credentials. I cannot find out what missing credentials means.
>

Credentials in this case means a username and password.

The logs suggest the server offered PLAIN and ANONYMOUS mechs, the
client couldnt do PLAIN because it had no user details to do it with,
and so it selected ANONYMOUS.

> Connection URL was like
>
> amqps://cbgc03:5673?transport.trustStorePassword=123456&amqp.saslMechanisms=PLAIN&transport.keyStorePassword=123456&transport.keyStoreLocation=/path/to/user1.keystore&transport.trustStoreLocation=/path/to/cbgc03.truststore&transport.keyAlias=user1
>
> Contents of login.config file:
>
> activemq {
>    org.apache.activemq.artemis.spi.core.security.jaas.PropertiesLoginModule
> sufficient
>        debug=false
>        org.apache.activemq.jaas.properties.user="artemis-users.properties"
>        org.apache.activemq.jaas.properties.role="artemis-roles.properties";
>
>
> org.apache.activemq.artemis.spi.core.security.jaas.TextFileCertificateLoginModule
> sufficient
>        debug=true
>        org.apache.activemq.jaas.textfiledn.user="users.properties"
>        org.apache.activemq.jaas.textfiledn.role="roles.properties";
> };
>
> SSL acceptor in broker.xml:
>
> <acceptor
> name="amqpSsl">tcp://0.0.0.0:5673?protocols=AMQP;sslEnabled=true;keyStorePath=/path/to/cbgc03.keystore;keyStorePassword=123456;trustStorePath=/path/to/member.truststore;trustStorePassword=123456</acceptor>
>
> users.properties file:
>
> user1=CN=user1,O=Unknown,L=Unknown,ST=Unknown,C=Unknown
>
> groups.properties file:
>
> amq=user1
>
> Am I doing everything right to get SSL connection working?
>
> Vavricka
>
>
>
> --
> View this message in context: http://activemq.2283324.n4.nabble.com/Artemis-Qpid-JMS-Connection-limit-tp4711862p4711981.html
> Sent from the ActiveMQ - User mailing list archive at Nabble.com.

Mime
View raw message