Jose Roman Martin Gil created ARTEMIS-1734:
----------------------------------------------

             Summary: Unable to access to AMQ7.1 Management Console in 
read-only mode
                 Key: ARTEMIS-1734
                 URL: https://issues.apache.org/jira/browse/ARTEMIS-1734
             Project: ActiveMQ Artemis
          Issue Type: Bug
          Components: Web Console
    Affects Versions: 2.4.0
         Environment: RHEL 7.3

OpenJDK 1.8.0 (latest rpm)
            Reporter: Jose Roman Martin Gil
         Attachments: amq-monitor-user.png

As administrator I want to create a monitor role to allow access to Management 
Console only to view and read the status of any objects.
 
As administrator I am using roles to manage queues and topics successfully but 
I would like to have users to monitor the broker with the Management Console.
 
At this moment I created a role and I updated the following files as: 
 
*etc/artemis.profile*: Changed the roles allowed to access:
{code:java}
-Dhawtio.roles=amq,monitor{code}
 
*etc/management.xml*: Allowed methods for each method:
{code:java}
<default-access>
 <access method="list*" roles="amq,monitor"/>
 <access method="get*" roles="amq,monitor"/>
 <access method="is*" roles="amq,monitor"/>
 <access method="set*" roles="amq"/>
 <access method="*" roles="amq"/>
</default-access>
<role-access>
 <match domain="org.apache.activemq.artemis">
 <access method="list*" roles="amq,monitor"/>
 <access method="get*" roles="amq,monitor"/>
 <access method="is*" roles="amq,monitor"/>
 <access method="set*" roles="amq"/>
 <access method="*" roles="amq"/>
 </match>
</role-access>{code}
With these changes I could login as monitor user however I found a lot of 
errors as:
 
{code:java}
ERROR: Insufficient roles/credentials for operation (class 
java.lang.SecurityException){code}
 



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to