Hey folks, i am desperately trying to find out how to configure a simple access control for the web console, but this is simply not documented......
The documentation here: http://activemq.apache.org/web-console.html refers to a separate jetty instance, not to the integrated jetty. That's when i thought "ok, it's simply not possible using the integrated jetty" but then i stumbled over this peace of user-submitted configuration example: http://activemq.apache.org/user-submitted-configurations.html This looks really good: <!-- Web Console. Auth is via JAAS. Beware: jetty-plus-6.1.4.jar contains the JAAS classes, and is not included with ActiveMQ. You need to download separately. Web Console queue browser will fail, as it tries to use JMS to browse the queue, and that requires a password. --> <jetty xmlns="http://mortbay.com/schemas/jetty/1.0";> <connectors> <nioConnector port="8161" /> </connectors> <userRealms> <!-- "name" must match the realm in web.xml, and "loginModuleName" must be defined in login.conf --> <jaasUserRealm name="ActiveMQ" loginModuleName="ActiveMQ" callbackHandlerClass="org.mortbay.jetty.plus.jaas.callback.DefaultCallbackHandler" /> </userRealms> <handlers> <webAppContext contextPath="/admin" resourceBase="${activemq.base}/webapps/admin" logUrlOnStart="true" /> </handlers> </jetty> But unfortunately, it lacks important information: <userRealms> <!-- "name" must match the realm in web.xml, and "loginModuleName" must be defined in login.conf --> Defining a realm in the web.xml is ok, but what about the "login.conf"? Where should i place this file? What should its content look like? What "loginModuleName" should i specify? -- View this message in context: http://www.nabble.com/Securing-the-web-console-impossible--tp16765525s2354p16765525.html Sent from the ActiveMQ - User mailing list archive at Nabble.com.
