Just for grins, I took your authorizationPlugin and deployed it onto my JAAS test setup; everything worked fine.
I can only guess that you're somehow picking up the wrong user.properties and/or groups.properties file. Did you set java.security.auth.login.config ? Or are you letting the JAAS plugin find it in the class path? Joe CobraTheSleek wrote: > > I am using activemq-5.0-SNAPSHOT and am trying to get JAAS authentication > working. > I have the login.config and user/group property files configured as per > the example http://activemq.apache.org/security.html > > I beleive others have faced this problem but I have not found a concrete > answer. I get the following error when attempting to run the junits. > > > javax.jms.JMSException: User user is not authorized to read from: > topic://ActiveMQ.Advisory.TempQueue,topic://ActiveMQ.Advisory.TempTopic > at > org.apache.activemq.util.JMSExceptionSupport.create(JMSExceptionSupport.java:46) > at > org.apache.activemq.ActiveMQConnection.syncSendPacket(ActiveMQConnection.java:1181) > at org.apache.activemq.AdvisoryConsumer.<init>(AdvisoryConsumer.java:46) > at > org.apache.activemq.ActiveMQConnection.ensureConnectionInfoSent(ActiveMQConnection.java:1272) > > My broker-config.xml is configured with the jass authentication module: > > <plugins> > <jaasAuthenticationPlugin configuration="activemq-domain" /> > <authorizationPlugin> > <map> > <authorizationMap> > <authorizationEntries> > <!-- For all Queues admins can read and write --> > <authorizationEntry queue=">" read="admins" write="admins" > admin="admins" /> > <!-- For all Queues USERS. users can read and write and admin > --> > <authorizationEntry queue="USERS.>" read="users" write="users" > admin="users" /> > <authorizationEntry queue="GUEST.>" read="guests" > write="guests,users" admin="guests,users" /> > > <authorizationEntry topic=">" read="admins" write="admins" > admin="admins" /> > <authorizationEntry topic="USERS.>" read="users" > write="users" admin="users" /> > <authorizationEntry topic="GUEST.>" read="guests" > write="guests,users" admin="guests,users" /> > <authorizationEntry > topic="org.apache.activemq.spring.Test.spring.topic" read="users" > write="users" admin="guests,users" /> > > <!--<authorizationEntry topic="ActiveMQ.Advisory.>" > read="guests,users" > write="guests,users" admin="guests,users"/>--> > <authorizationEntry topic="ActiveMQ.>" read="guests,users" > write="guests,users" admin="guests,users"/> > > </authorizationEntries> > <tempDestinationAuthorizationEntry> > <tempDestinationAuthorizationEntry > read="tempDestinationAdmins" write="tempDestinationAdmins" > admin="tempDestinationAdmins"/> > </tempDestinationAuthorizationEntry> > > </authorizationMap> > </map> > </authorizationPlugin> > > I have tried to delete the activemq-data directory etc to no avail. The > SimpleAuthenticationPlugin works perfectly though. > > Any tips would be appreciated. > > > > -- View this message in context: http://www.nabble.com/Active-MQ-JAAS-tf4699203s2354.html#a13434991 Sent from the ActiveMQ - User mailing list archive at Nabble.com.
