The easiest way to secure the broker is through the use of authentication credentials placed directly in the broker’s XML configuration file. Such functionality is provided by the simple authentication plug-in that’s part of ActiveMQ. The following listing provides an example of using this plug-in.

<plugins>

    <simpleAuthenticationPlugin>

        <users>

            <authenticationUser username="admin" password="admin" groups="admins,producers,consumers"/>

            <authenticationUser username="producer" password="producer" groups="producers,consumers"/>

            <authenticationUser username="consumer" password="consumer" groups="consumers"/>

            <authenticationUser username="guest" password="guest" groups="guests"/>

        </users>

    </simpleAuthenticationPlugin>

</plugins>

By using this simple configuration snippet, four users can now access ActiveMQ. Obviously, for authentication purposes, each user must have a username and a password. Additionally, the groups attribute provides a comma-separated list of groups to which the user belongs. This information is used for authorization purposes, as will be seen shortly.

The preceding exception is expected because a security plug-in is activated but the authentication credentials haven’t yet been defined in the producer client. To fix this exception, modify the producer to add a username and password. The following snippet provides an example of this:

private String username = "producer";

private String password = "producer";

public Producer() throws JMSException {

    factory = new ActiveMQConnectionFactory(brokerURL);

    connection = factory.createConnection(username, password);

    connection.start();

    session = connection.createSession(false, Session.AUTO_ACKNOWLEDGE);

    producer = session.createProducer(null);

}

As the preceding snippet shows, the only necessary change is to define a username and a password that are then used as parameters to the call to the createConnection()  method.

Unfortunately, with the simple authentication plug-in, passwords are stored (and transferred) as clear text, which impacts the security of the broker. But even plain-text passwords prevent unauthorized clients from interacting with the broker, and in some
environments this is all that’s needed. Additionally, you can consider using the simple authentication plug-in in combination with the SSL transport, which will at least solve the problem of sending plain passwords over the network.

ActiveMQ(5.10.0) - Configuring the Simple Authentication Plug-in的更多相关文章

  1. ActiveMQ(5.10.0) - Configuring the JAAS Authentication Plug-in

    JAAS provides pluggable authentication, which means ActiveMQ will use the same authentication API re ...

  2. ActiveMQ(5.10.0) - Destination-level authorization

    To build upon authentication, consider a use case requiring more fine-grained control over clients t ...

  3. ActiveMQ 5.10.0 安装与配置

    先在官网下载activeMQ,我这里是5.10.0. 然后在解压在一个文件夹下即可. 我这里是:D:\apache-activemq-5.10.0-bin 然后进入bin目录:D:\apache-ac ...

  4. ActiveMQ(5.10.0) - Building a custom security plug-in

    If none of any built-in security mechanisms works for you, you can always build your own. Though the ...

  5. ActiveMQ(5.10.0) - Spring Support

    Maven Dependency: <dependencies> <dependency> <groupId>org.apache.activemq</gro ...

  6. ActiveMQ(5.10.0) - 删除闲置的队列或主题

    方法一 通过 ActiveMQ Web 控制台删除. 方法二 通过 Java 代码删除. ActiveMQConnection.destroyDestination(ActiveMQDestinati ...

  7. ActiveMQ(5.10.0) - Connection Configuration URI

    An Apache ActiveMQ connection can be configured by explicitly setting properties on the ActiveMQConn ...

  8. ActiveMQ(5.10.0) - hello world

    Sending a JMS message public class MyMessageProducer { ... // 创建连接工厂实例 ConnectionFactory connFactory ...

  9. ActiveMQ(5.10.0) - 使用 JDBC 持久化消息

    1. 编辑 ACTIVEMQ_HOME/conf/activemq.xml. <beans> <broker brokerName="localhost" per ...

随机推荐

  1. java commons-lang 工具包 逃脱工具 转unicode 及其他

    <dependency> <groupId>commons-lang</groupId> <artifactId>commons-lang</ar ...

  2. [转]省市二级联动(纯js实现)

    转至:http://www.jb51.net/article/41556.htm 实现原理: set_city("省名称",市select对象); 判断市select对象是否为空, ...

  3. update多表更新的2种方式

    update t1 set TermBeginQty =isnull((select top 1 JiaoPlusQty from WMS_RptMaterialPutDaily r where t1 ...

  4. Java中重写与重载的辨析

    摘要:在我们学习Java过程中,重写与重载使我们在面向对象里要学习的重要知识点之一,那我们看看它们有那些区别: 一.重写 1.概念:简单的说就是子类将从父类继承而来的方法重新实现一次. 2.特点: ① ...

  5. How to Be Good at Mathematics

    How to Be Good at Mathematics Community Q&A Sometimes, the hardest subject for some people is ma ...

  6. ORACLE表坏块处理

    1.对于普通表,可以考虑使用事件方式处理 事件10231:设置在全表扫描时忽略损坏的数据块 ALTER SYSTEM SET EVENTS='10231 trace name context fore ...

  7. uva216 c++回溯法

    因为题目要求最多8台电脑,所以可以枚举全排列,然后依次计算距离进行比较,枚举量8!=40320并不大,但这种方法不如回溯法好,当数据再大一些枚举就显得笨拙了,所以这个题我用回溯法做的,回溯有一个好处是 ...

  8. HDU1013_Digital Roots【大数】【水题】

    Digital Roots Time Limit: 2000/1000 MS (Java/Others)    Memory Limit: 65536/32768 K (Java/Others) To ...

  9. 高级I/O之异步I/O

    A synchronous I/O operation causes the requesting process to be blocked until that I/O operation com ...

  10. strassen algorithm

    the explaination that is clear in my view is from wiki.