The easiest way to secure the broker is through the use of authentication credentials placed directly in the broker’s XML configuration file. Such functionality is provided by the simple authentication plug-in that’s part of ActiveMQ. The following listing provides an example of using this plug-in.

<plugins>

    <simpleAuthenticationPlugin>

        <users>

            <authenticationUser username="admin" password="admin" groups="admins,producers,consumers"/>

            <authenticationUser username="producer" password="producer" groups="producers,consumers"/>

            <authenticationUser username="consumer" password="consumer" groups="consumers"/>

            <authenticationUser username="guest" password="guest" groups="guests"/>

        </users>

    </simpleAuthenticationPlugin>

</plugins>

By using this simple configuration snippet, four users can now access ActiveMQ. Obviously, for authentication purposes, each user must have a username and a password. Additionally, the groups attribute provides a comma-separated list of groups to which the user belongs. This information is used for authorization purposes, as will be seen shortly.

The preceding exception is expected because a security plug-in is activated but the authentication credentials haven’t yet been defined in the producer client. To fix this exception, modify the producer to add a username and password. The following snippet provides an example of this:

private String username = "producer";

private String password = "producer";

public Producer() throws JMSException {

    factory = new ActiveMQConnectionFactory(brokerURL);

    connection = factory.createConnection(username, password);

    connection.start();

    session = connection.createSession(false, Session.AUTO_ACKNOWLEDGE);

    producer = session.createProducer(null);

}

As the preceding snippet shows, the only necessary change is to define a username and a password that are then used as parameters to the call to the createConnection()  method.

Unfortunately, with the simple authentication plug-in, passwords are stored (and transferred) as clear text, which impacts the security of the broker. But even plain-text passwords prevent unauthorized clients from interacting with the broker, and in some
environments this is all that’s needed. Additionally, you can consider using the simple authentication plug-in in combination with the SSL transport, which will at least solve the problem of sending plain passwords over the network.

ActiveMQ(5.10.0) - Configuring the Simple Authentication Plug-in的更多相关文章

  1. ActiveMQ(5.10.0) - Configuring the JAAS Authentication Plug-in

    JAAS provides pluggable authentication, which means ActiveMQ will use the same authentication API re ...

  2. ActiveMQ(5.10.0) - Destination-level authorization

    To build upon authentication, consider a use case requiring more fine-grained control over clients t ...

  3. ActiveMQ 5.10.0 安装与配置

    先在官网下载activeMQ,我这里是5.10.0. 然后在解压在一个文件夹下即可. 我这里是:D:\apache-activemq-5.10.0-bin 然后进入bin目录:D:\apache-ac ...

  4. ActiveMQ(5.10.0) - Building a custom security plug-in

    If none of any built-in security mechanisms works for you, you can always build your own. Though the ...

  5. ActiveMQ(5.10.0) - Spring Support

    Maven Dependency: <dependencies> <dependency> <groupId>org.apache.activemq</gro ...

  6. ActiveMQ(5.10.0) - 删除闲置的队列或主题

    方法一 通过 ActiveMQ Web 控制台删除. 方法二 通过 Java 代码删除. ActiveMQConnection.destroyDestination(ActiveMQDestinati ...

  7. ActiveMQ(5.10.0) - Connection Configuration URI

    An Apache ActiveMQ connection can be configured by explicitly setting properties on the ActiveMQConn ...

  8. ActiveMQ(5.10.0) - hello world

    Sending a JMS message public class MyMessageProducer { ... // 创建连接工厂实例 ConnectionFactory connFactory ...

  9. ActiveMQ(5.10.0) - 使用 JDBC 持久化消息

    1. 编辑 ACTIVEMQ_HOME/conf/activemq.xml. <beans> <broker brokerName="localhost" per ...

随机推荐

  1. UVA10361 - Automatic Poetry

    “Oh God”, Lara Croft exclaims, “it’s one of these dumb riddles again!” In Tomb Raider XIV, Lara is, ...

  2. cookie.js 加载顺序问题

    今天遇到一个问题,在使用cookie.js时,只有在jquery.js文件后加载整体才有效 有效加载顺序 <head> <script type="text/javascr ...

  3. Windows Server2008 R2 MVC 环境配置

    *:first-child { margin-top: 0 !important; } body>*:last-child { margin-bottom: 0 !important; } /* ...

  4. [原]使用node-mapnik和openstreetmap数据初步搭建瓦片服务

    最近依然还是有点小忙,只能挤点时间来学习点,先解决有没有的问题,再解决好不好的问题:) 本文将承接上文<使用node-mapnik生成openstreetmap-carto风格的瓦片>的内 ...

  5. Linux下C程序的编辑,编译和运行以及调试

    国内私募机构九鼎控股打造APP,来就送 20元现金领取地址:http://jdb.jiudingcapital.com/phone.html 内部邀请码:C8E245J (不写邀请码,没有现金送) 国 ...

  6. 读取AD模拟分量

    //EEPROM数据保存---------------------- #include <EEPROM.h> #define EEPROM_write(address, p) {int i ...

  7. 方法字段[C# 基础知识系列]专题二:委托的本质论

    首先声明,我是一个菜鸟.一下文章中出现技术误导情况盖不负责 引言: 上一个专题已和大家分享了我懂得的——C#中为什么须要委托,专题中简略介绍了下委托是什么以及委托简略的应用的,在这个专题中将对委托做进 ...

  8. C# 使用微软的Visual Studio International Pack 类库提取汉字拼音首字母

    首先下载Visual Studio International Pack 1.0,官方下载地址:http://www.microsoft.com/downloads/zh-cn/details.asp ...

  9. 用adb pull命令从android系统中读取文件失败的原因及解决办法

    问题:使用adb pull命令从android系统中读取文件失败.显示:Permission denied   原因:是由于文件权限原因引起.       使用ls -l命令查看android系统中的 ...

  10. HDU 2037 今年暑假不AC (贪心)

    今年暑假不AC Time Limit: 2000/1000 MS (Java/Others) Memory Limit: 65536/32768 K (Java/Others) Total Submi ...