Hi,
I am using AMQ 4.1.1, and the <networkConnector> provides userName and
password attributes, but that beat the purpose of having JAAS plugin, since
the username and password will be in plain text, anyone get a hold of
activemq.xml can do the same. Is there a better a way to handle this?
I guess I can programmatically call addNetworkConnector() on BrokerService
and set the userName and password on the networkConnector object. By the
way, does anyone has any code sample on that, I am having problem getting
Network brokers to work this way.
broker = BrokerFactory.createBroker(new URI(uri));
DiscoveryNetworkConnector dnc = new
DiscoveryNetworkConnector("static://(tcp://host1:61616)");
dnc.setName("toHost1");
broker.addNetworkConnector(dnc);
broker.start();
Thanks,
William
Hiram Chirino wrote:
>
> Looks like 1 broker is not authenticating with the next broker. I
> think we need to provide a way for you to pass a userid/password in
> the network connector configuration.
>
> On 3/12/07, David Borja <[EMAIL PROTECTED]> wrote:
>> Hi AMQ devs!!
>>
>> I have a problem with the JAAS authentication in netowork of brokers ...
>>
>> The network of brokers topology is the following ...
>>
>> I have a broker named "serverdatos" which is configured with a jaas
>> security:
>>
>> <plugins>
>> <!-- use JAAS to authenticate using the login.config file on the
>> classpath to configure JAAS -->
>> <jaasAuthenticationPlugin configuration="activemq-domain" />
>>
>> <!-- lets configure a destination based authorization mechanism
>> -->
>> <authorizationPlugin>
>> <map>
>> <authorizationMap>
>>
>> <authorizationEntries>
>> <authorizationEntry queue=">" read="admins" write="admins"
>> admin="admins" />
>>
>> <authorizationEntry topic=">" read="admins" write="admins"
>> admin="admins" />
>>
>> <authorizationEntry queue="jms/local" read="users"
>> write="users" admin="users" />
>>
>> <authorizationEntry topic="ActiveMQ.Advisory.>"
>> read="guests,users" write="guests,users" admin="guests,users"/>
>>
>> </authorizationEntries>
>>
>> </authorizationMap>
>> </map>
>> </authorizationPlugin>
>> </plugins>
>>
>>
>> There is another broker named "FF" which has the same security config.
>>
>> In addition has a network connector config:
>>
>> <networkConnectors>
>> <networkConnector name="ff and serverdatos"
>> uri="static://(tcp://localhost:61616,tcp://serverdatos:61616)"
>> failover="true">
>> <staticallyIncludedDestinations>
>> <queue physicalName="jms/central" />
>> </staticallyIncludedDestinations>
>> </networkConnector>
>> </networkConnectors>
>>
>> When the broker FF starts, a SecurityException is thrown:
>>
>> java.lang.SecurityException: User is not authenticated.
>> at
>> org.apache.activemq.security.AuthorizationBroker.addDestination
>> (Autho
>> rizationBroker.java:57)
>> at org.apache.activemq.broker.MutableBrokerFilter.addDestination
>> (Mutable
>> BrokerFilter.java:152)
>> at org.apache.activemq.broker.region.AbstractRegion.lookup
>> (AbstractRegio
>> n.java:316)
>> at org.apache.activemq.broker.region.AbstractRegion.send
>> (AbstractRegion.
>> java:291)
>> at org.apache.activemq.broker.region.RegionBroker.send(
>> RegionBroker.java
>> :380)
>> at org.apache.activemq.broker.TransactionBroker.send(
>> TransactionBroker.j
>> ava:193)
>> at org.apache.activemq.advisory.AdvisoryBroker.fireAdvisory
>> (AdvisoryBrok
>> er.java:272)
>> at org.apache.activemq.advisory.AdvisoryBroker.fireAdvisory
>> (AdvisoryBrok
>> er.java:237)
>> at org.apache.activemq.advisory.AdvisoryBroker.fireAdvisory
>> (AdvisoryBrok
>> er.java:232)
>> at org.apache.activemq.advisory.AdvisoryBroker.removeConnection
>> (Advisory
>> Broker.java:205)
>> at org.apache.activemq.broker.BrokerFilter.removeConnection
>> (BrokerFilter
>> .java:110)
>> at org.apache.activemq.broker.BrokerFilter.removeConnection
>> (BrokerFilter
>> .java:110)
>> at
>> org.apache.activemq.security.JaasAuthenticationBroker.removeConnectio
>> n(JaasAuthenticationBroker.java:94)
>> at org.apache.activemq.broker.BrokerFilter.removeConnection
>> (BrokerFilter
>> .java:110)
>> at
>> org.apache.activemq.broker.MutableBrokerFilter.removeConnection
>> (Mutab
>> leBrokerFilter.java:120)
>> at
>> org.apache.activemq.broker.TransportConnection.processRemoveConnectio
>> n(TransportConnection.java:728)
>> at org.apache.activemq.broker.TransportConnection.stop
>> (TransportConnecti
>> on.java:884)
>> at org.apache.activemq.broker.jmx.ManagedTransportConnection.stop
>> (Manage
>> dTransportConnection.java:74)
>> at org.apache.activemq.broker.TransportConnection.processShutdown
>> (Transp
>> ortConnection.java:344)
>> at
>> org.apache.activemq.command.ShutdownInfo.visit(ShutdownInfo.java
>> :36)
>> at org.apache.activemq.broker.TransportConnection.service
>> (TransportConne
>> ction.java:284)
>> at org.apache.activemq.broker.TransportConnection$1.onCommand
>> (TransportC
>> onnection.java:177)
>> at org.apache.activemq.transport.TransportFilter.onCommand
>> (TransportFilt
>> er.java:65)
>> at org.apache.activemq.transport.WireFormatNegotiator.onCommand
>> (WireForm
>> atNegotiator.java:133)
>> at org.apache.activemq.transport.InactivityMonitor.onCommand
>> (InactivityM
>> onitor.java:122)
>> at org.apache.activemq.transport.TransportSupport.doConsume
>> (TransportSup
>> port.java:84)
>> at org.apache.activemq.transport.tcp.TcpTransport.run(
>> TcpTransport.java:
>> 137)
>> at java.lang.Thread.run(Unknown Source)
>>
>>
>> Any ideas???
>>
>>
>> Thanx!!
>>
>
>
> --
> Regards,
> Hiram
>
> Blog: http://hiramchirino.com
>
>
--
View this message in context:
http://www.nabble.com/Network-of-brokers-security-tf3391489s2354.html#a12206231
Sent from the ActiveMQ - User mailing list archive at Nabble.com.
