[Stomp] Security - not authorized to create: topic://ActiveMQ.Advisory.Connection error

Wed, 02 Aug 2006 14:44:56 -0700 

Hi,
This is a followup on: http://www.nabble.com/-Stomp--Access-Control-List-tf2040876.html 


Now, I have setup AMQ 4.0.1 with the default JAAS plugin, as described 
here: http://activemq.org/site/security.html



However, when I try to connect (login: users, passcode: password), I get 
the following error:


-------

INFO  Service                        - Sync error occurred: 
java.lang.SecurityException: User users is not authorized to create: 
topic://ActiveMQ.Advisory.Connection
java.lang.SecurityException: User users is not authorized to create: 
topic://ActiveMQ.Advisory.Connection
       at 
org.apache.activemq.security.AuthorizationBroker.addDestination(AuthorizationBroker.java:64)
       at 
org.apache.activemq.broker.MutableBrokerFilter.addDestination(MutableBrokerFilter.java:142)
       at 
org.apache.activemq.broker.region.AbstractRegion.lookup(AbstractRegion.java:244)
       at 
org.apache.activemq.broker.region.AbstractRegion.send(AbstractRegion.java:224)
       at 
org.apache.activemq.broker.region.RegionBroker.send(RegionBroker.java:345)
       at 
org.apache.activemq.broker.TransactionBroker.send(TransactionBroker.java:192)
       at 
org.apache.activemq.advisory.AdvisoryBroker.fireAdvisory(AdvisoryBroker.java:271)
       at 
org.apache.activemq.advisory.AdvisoryBroker.fireAdvisory(AdvisoryBroker.java:236)
       at 
org.apache.activemq.advisory.AdvisoryBroker.fireAdvisory(AdvisoryBroker.java:231)
       at 
org.apache.activemq.advisory.AdvisoryBroker.addConnection(AdvisoryBroker.java:72)
       at 
org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:69)
       at 
org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:69)
       at 
org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:87)
       at 
org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:69)
       at 
org.apache.activemq.broker.MutableBrokerFilter.addConnection(MutableBrokerFilter.java:82)
       at 
org.apache.activemq.broker.AbstractConnection.processAddConnection(AbstractConnection.java:507)
       at 
org.apache.activemq.broker.jmx.ManagedTransportConnection.processAddConnection(ManagedTransportConnection.java:82)
       at 
org.apache.activemq.command.ConnectionInfo.visit(ConnectionInfo.java:118)
       at 
org.apache.activemq.broker.AbstractConnection.service(AbstractConnection.java:201)
       at 
org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:62)
       at 
org.apache.activemq.transport.ResponseCorrelator.onCommand(ResponseCorrelator.java:97)
       at 
org.apache.activemq.transport.TransportFilter.onCommand(TransportFilter.java:63)
       at 
org.apache.activemq.transport.InactivityMonitor.onCommand(InactivityMonitor.java:122)
       at 
org.apache.activemq.transport.TransportSupport.doConsume(TransportSupport.java:87)
       at 
org.apache.activemq.transport.tcp.TcpTransport.run(TcpTransport.java:143)

       at java.lang.Thread.run(Thread.java:595)
------

--- login.config -----
activemq-domain {
   org.apache.activemq.jaas.PropertiesLoginModule required
       debug=true

       
org.apache.activemq.jaas.properties.user="org/apache/activemq/security/users.properties"
       
org.apache.activemq.jaas.properties.group="org/apache/activemq/security/groups.properties";

};
---------------------

---- users.properties ------
admins=manager
users=password
guest=password
------------------------------

------- activemq.xml ------------

 <plugins>
     <jaasAuthenticationPlugin configuration="activemq-domain" />
     <authorizationPlugin>
       <map>
         <authorizationMap>
           <authorizationEntries>

             <authorizationEntry queue=">" read="admins" write="admins" 
admin="admins" />
             <authorizationEntry queue="USERS.>" read="users" 
write="users" admin="users" />
             <authorizationEntry queue="GUEST.>" read="guests" 
write="guests,users" admin="guests,users" />
             <authorizationEntry topic=">" read="admins" write="admins" 
admin="admins" />
             <authorizationEntry topic="USERS.>" read="users" 
write="users" admin="users" />
             <authorizationEntry topic="GUEST.>" read="guests" 
write="guests,users" admin="guests,users" />
             <authorizationEntry topic="ActiveMQ.Advisory.>" 
read="guests,users" write="guests,users" admin="guests,users"/>

           </authorizationEntries>
         </authorizationMap>
       </map>
     </authorizationPlugin>
   </plugins>
-----------------------------------














    











					Reply via email to