Thanks, now I added
<broker....>
........
<plugins>
<!-- use JAAS to authenticate using the login.config file on the
classpath to configure JAAS -->
<jaasAuthenticationPlugin configuration="activemq-domain" />
<!-- lets configure a destination based authorization mechanism -->
<authorizationPlugin>
<map>
<authorizationMap>
<authorizationEntries>
<authorizationEntry queue=">" read="users,admins"
write="users,admins" admin="admins" />
</authorizationEntries>
</authorizationMap>
</map>
</authorizationPlugin>
</plugins>
</broker>
<simpleAuthenticationPlugin>
<users>
<authenticationUser username="system" password="manager"
groups="users,admins"/>
<authenticationUser username="user" password="password"
groups="users"/>
<authenticationUser username="guest" password="password"
groups="guests"/>
</users>
</simpleAuthenticationPlugin>
but I have still problems at startup with a:
java.lang.SecurityException: User name or password is invalid.
at
org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:83)
at
org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:81)
at
org.apache.activemq.broker.MutableBrokerFilter.addConnection(MutableBrokerFilter.java:88)
at
org.apache.activemq.broker.TransportConnection.processAddConnection(TransportConnection.java:662)
at
org.apache.activemq.broker.jmx.ManagedTransportConnection.processAddConnection(ManagedTransportConnection.java:86)
at
org.apache.activemq.command.ConnectionInfo.visit(ConnectionInfo.java:125)
at
org.apache.activemq.broker.TransportConnection.service(TransportConnection.java:292)
at
org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:180)
at
org.apache.activemq.transport.TransportFilter.onCommand(TransportFilter.java:68)
at
org.apache.activemq.transport.WireFormatNegotiator.onCommand(WireFormatNegotiator.java:143)
at
org.apache.activemq.transport.InactivityMonitor.onCommand(InactivityMonitor.java:206)
at
org.apache.activemq.transport.TransportSupport.doConsume(TransportSupport.java:84)
at
org.apache.activemq.transport.tcp.TcpTransport.doRun(TcpTransport.java:196)
at
org.apache.activemq.transport.tcp.TcpTransport.run(TcpTransport.java:183)
at java.lang.Thread.run(Thread.java:595)
Caused by: java.lang.SecurityException: Unable to locate a login
configuration
So, wehre I can configure it?
TIA,
Sandro
Joe Fernandez wrote:
>
> The authentication plugin is used to control access to the broker. The
> authorization plugin is used to control access to the destinations. So if
> you haven't enabled the authorization plugin, then everyone who is granted
> access to the broker is also granted access to all the destinations.
>
> Joe
> Get a free ActiveMQ user guide @ http://www.ttmsolutions.com
>
>
>
> Sandro Tosi wrote:
>>
>> Hello,
>> actually, every queue on activemq are "free entrance" for everyone (ok,
>> knowing server, ports, name, etc) but we'd like anyhow to stop this and
>> require a username/password access policy.
>>
>> I've read the security doc[1] and added the "Simple Authentication
>> Plugin" but I'm still able to connect to queues "anonymously".
>>
>> How can I grant access only to given username/pwd?
>>
>> Thanks in advance,
>> Sandro
>>
>> [1] http://activemq.apache.org/security.html
>>
>
>
--
View this message in context:
http://www.nabble.com/Protect-queues-access-with-password-tp19453220p19490424.html
Sent from the ActiveMQ - User mailing list archive at Nabble.com.
