The easiest way to secure the broker is through the use of authentication credentials placed directly in the broker’s XML configuration file. Such functionality is provided by the simple authentication plug-in that’s part of ActiveMQ. The following listing provides an example of using this plug-in.

<plugins>

    <simpleAuthenticationPlugin>

        <users>

            <authenticationUser username="admin" password="admin" groups="admins,producers,consumers"/>

            <authenticationUser username="producer" password="producer" groups="producers,consumers"/>

            <authenticationUser username="consumer" password="consumer" groups="consumers"/>

            <authenticationUser username="guest" password="guest" groups="guests"/>

        </users>

    </simpleAuthenticationPlugin>

</plugins>

By using this simple configuration snippet, four users can now access ActiveMQ. Obviously, for authentication purposes, each user must have a username and a password. Additionally, the groups attribute provides a comma-separated list of groups to which the user belongs. This information is used for authorization purposes, as will be seen shortly.

The preceding exception is expected because a security plug-in is activated but the authentication credentials haven’t yet been defined in the producer client. To fix this exception, modify the producer to add a username and password. The following snippet provides an example of this:

private String username = "producer";

private String password = "producer";

public Producer() throws JMSException {

    factory = new ActiveMQConnectionFactory(brokerURL);

    connection = factory.createConnection(username, password);

    connection.start();

    session = connection.createSession(false, Session.AUTO_ACKNOWLEDGE);

    producer = session.createProducer(null);

}

As the preceding snippet shows, the only necessary change is to define a username and a password that are then used as parameters to the call to the createConnection()  method.

Unfortunately, with the simple authentication plug-in, passwords are stored (and transferred) as clear text, which impacts the security of the broker. But even plain-text passwords prevent unauthorized clients from interacting with the broker, and in some
environments this is all that’s needed. Additionally, you can consider using the simple authentication plug-in in combination with the SSL transport, which will at least solve the problem of sending plain passwords over the network.

ActiveMQ(5.10.0) - Configuring the Simple Authentication Plug-in的更多相关文章

  1. ActiveMQ(5.10.0) - Configuring the JAAS Authentication Plug-in

    JAAS provides pluggable authentication, which means ActiveMQ will use the same authentication API re ...

  2. ActiveMQ(5.10.0) - Destination-level authorization

    To build upon authentication, consider a use case requiring more fine-grained control over clients t ...

  3. ActiveMQ 5.10.0 安装与配置

    先在官网下载activeMQ,我这里是5.10.0. 然后在解压在一个文件夹下即可. 我这里是:D:\apache-activemq-5.10.0-bin 然后进入bin目录:D:\apache-ac ...

  4. ActiveMQ(5.10.0) - Building a custom security plug-in

    If none of any built-in security mechanisms works for you, you can always build your own. Though the ...

  5. ActiveMQ(5.10.0) - Spring Support

    Maven Dependency: <dependencies> <dependency> <groupId>org.apache.activemq</gro ...

  6. ActiveMQ(5.10.0) - 删除闲置的队列或主题

    方法一 通过 ActiveMQ Web 控制台删除. 方法二 通过 Java 代码删除. ActiveMQConnection.destroyDestination(ActiveMQDestinati ...

  7. ActiveMQ(5.10.0) - Connection Configuration URI

    An Apache ActiveMQ connection can be configured by explicitly setting properties on the ActiveMQConn ...

  8. ActiveMQ(5.10.0) - hello world

    Sending a JMS message public class MyMessageProducer { ... // 创建连接工厂实例 ConnectionFactory connFactory ...

  9. ActiveMQ(5.10.0) - 使用 JDBC 持久化消息

    1. 编辑 ACTIVEMQ_HOME/conf/activemq.xml. <beans> <broker brokerName="localhost" per ...

随机推荐

  1. Javascript高级篇-JS闭包

    Javascript闭包 1.变量的作用域 1.1局部变量 1.2全局变量(声明在外边或不用var来声明的变量) 2.外部读取方法内部的局部(私有)变量 function a(){ var b = & ...

  2. [转载代码]VB.NET 中查询 Linq to SQL 执行时的SQL语句

    在搜索使用LINQ TO SQL 添加数据后获得自增长ID的方法时,发现C#可以使用DebuggerWritter把使用Linq to SQL执行的SQL语句显示到即时窗口,于是在网上搜索到在VB.N ...

  3. plsql developer导入导出数据库方法

    导出步骤: 1 tools ->export user object 选择选项,导出.sql文件 2 tools ->export tables-> Oracle Export 选择 ...

  4. Codeforces Gym 100610 Problem A. Alien Communication Masterclass 构造

    Problem A. Alien Communication Masterclass Time Limit: 1 Sec Memory Limit: 256 MB 题目连接 http://codefo ...

  5. Codeforces Round #318 [RussianCodeCup Thanks-Round] (Div. 1) B. Bear and Blocks 水题

    B. Bear and Blocks Time Limit: 20 Sec Memory Limit: 256 MB 题目连接 http://codeforces.com/contest/573/pr ...

  6. Nginx 1.4.7图片缓存服务器

    软件包版本: Nginx 1.4.7 Ngx_cache_purge-2.0 Openssl-1.0.1 Pcre-8.32 二.安装编译: a)         下载pcre-8.32.tar.gz ...

  7. 项目中oracle存储过程记录——经常使用语法备忘

    项目中oracle存储过程记录--经常使用语法备忘 项目中须要写一个oracle存储过程,需求是收集一个复杂查询的内容(涉及到多张表),然后把符合条件的记录插入到目标表中.当中原表之中的一个的日期字段 ...

  8. Swift常用语法示例代码(一)

    此篇文章整理自我以前学习Swift时的一些练习代码,其存在的意义多是可以通过看示例代码更快地回忆Swift的主要语法. 如果你想系统学习Swift或者是Swift的初学者请绕路,感谢Github上Th ...

  9. iOS开发——语法篇OC篇&静态方法与实例方法

    静态方法与实例方法 方法是类的行为,写在接口和实现两个文件中.在接口部分声明方法,在实现部分实现方法. 1.类方法与实例方法 Objective-C中的类可以声明两种类型的方法:实例方法和类方法.实例 ...

  10. HDU 2037 今年暑假不AC (贪心)

    今年暑假不AC Time Limit: 2000/1000 MS (Java/Others) Memory Limit: 65536/32768 K (Java/Others) Total Submi ...