?
Solved

ActiveMQ authorization

Posted on 2014-03-28
1
Medium Priority
?
176 Views
Last Modified: 2014-03-31
I am having problems with  the documentation, but I did find the following:

			<authorizationPlugin>
				<map>
					<authorizationMap>
						<authorizationEntries>
							<authorizationEntry queue=">" read="admins"
								write="admins" admin="admins" />
							<authorizationEntry queue="myqueu"
								read="service" write="users" admin="admin" />
....
				</map>
			</authorizationPlugin>

Open in new window


And it appears to have been placed inside of  activemq.xml

So taht is good, but I can not quite put it all together without an example

Could someone please post how to provide authentication and authroization for the following

User:  Quest
pw:  abcd

destination:  myQueue
privileges:  read-admin, write-admin, admin=admin

Thanks, njd
0
Comment
Question by:Anthony Lucia
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 36

Accepted Solution

by:
mccarl earned 2000 total points
ID: 39965576
Ok so what you have is one have of the story, ie. Authorization. The snippet that you posted basically just says that any user with the "admins" role, can do anything (receive messages, send messages, create queues). Also it says that only users with the "service" role can READ (ie. browse or consume messages) from the queue "myqueu" and only users with the "users" role can WRITE (ie. send messages to) the queue "myqueu" and users with the "admin" role (note there is NO s on the end of that role, unlike the others) can ADMINSTER (ie. create the queue if it doesn't exist) the queue "myqueu".

What you now need to do is to configure what users are allowed to connect to the broker, and what roles that they will have. So in the <plugins> section of activemq.xml (the same location that the above <authorizationPlugin> should be in) you will also define something like the following...
<simpleAuthenticationPlugin>
    <users>
        <authenticationUser username="system" password="manager" groups="users,admins"/>
        <authenticationUser username="Quest" password="abcd" groups="service,users,admin"/>
    </users>
</simpleAuthenticationPlugin>

Open in new window

This will give that user, "Quest", full rights to the "myqueu" queue but nothing else to any other queues
0

Featured Post

Manage your data center from practically anywhere

The KN8164V features HD resolution of 1920 x 1200, FIPS 140-2 with level 1 security standards and virtual media transmissions at twice the speed. Built for reliability, the KN series provides local console and remote over IP access, ensuring 24/7 availability to all servers.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Java Flight Recorder and Java Mission Control together create a complete tool chain to continuously collect low level and detailed runtime information enabling after-the-fact incident analysis. Java Flight Recorder is a profiling and event collectio…
Introduction This article is intended for those who are new to PHP error handling (https://www.experts-exchange.com/articles/11769/And-by-the-way-I-am-New-to-PHP.html).  It addresses one of the most common problems that plague beginning PHP develop…
Viewers will learn about basic arrays, how to declare them, and how to use them. Introduction and definition: Declare an array and cover the syntax of declaring them: Initialize every index in the created array: Example/Features of a basic arr…
Viewers will learn how to properly install Eclipse with the necessary JDK, and will take a look at an introductory Java program. Download Eclipse installation zip file: Extract files from zip file: Download and install JDK 8: Open Eclipse and …
Suggested Courses
Course of the Month15 days, 10 hours left to enroll

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question