Hello Dejan, first thanks for you reply. I think I provide valid login data because stated in the warning message
WARN Service - Failed to remove connection ConnectionInfo {commandId = 0, responseRequired = true, connectionId = ID:tank2-58514-1230731215437-2:0, clientId = ID:tank2-58514-1230731215437-2:0, userName = system, password = manager, brokerPath = null, brokerMasterConnector = false, manageable = false, clientMaster = true} there are username and password in my request. Further the same error occurs, if I try to send a message over the web console, which isn't a tragedy, but there I'm able to authenticate over my jaas system. cheers, manuel Dejan Bosanac wrote: > > Hi, > > it looks like you are trying to connect from Stomp client and you are not > providing valid credentials. Can you check if you are passing username and > password in your "connect" call. > > Cheers > -- > Dejan Bosanac > > Open Source Integration - http://fusesource.com/ > ActiveMQ in Action - http://www.manning.com/snyder/ > Blog - http://www.nighttale.net > > > On Wed, Dec 31, 2008 at 2:54 PM, geezmo <m...@netmonic.com> wrote: > >> >> Hello, >> >> I try to configure JAAS to secure my broker and web console. Therefore I >> created login.config file with >> >> ActiveMQ { >> org.mortbay.jetty.plus.jaas.spi.PropertyFileLoginModule required >> debug="true" >> file="/full/path/to/realm.properties"; >> }; >> >> and my realm properties looks like >> >> system: manager,admins >> >> Further I added >> >> <plugins> >> >> <jaasAuthenticationPlugin configuration="ActiveMQ" >> /> >> >> <!-- lets configure a destination based >> authorization mechanism --> >> <authorizationPlugin> >> <map> >> <authorizationMap> >> <authorizationEntries> >> >> <authorizationEntry >> queue=">" read="admins" >> >> write="admins" admin="admins" /> >> >> >> <authorizationEntry >> topic=">" read="admins" >> >> write="admins" admin="admins" /> >> </authorizationEntries> >> >> >> <tempDestinationAuthorizationEntry> >> >> <tempDestinationAuthorizationEntry >> >> read="admins" write="admins" admin="admins" /> >> >> </tempDestinationAuthorizationEntry> >> </authorizationMap> >> </map> >> </authorizationPlugin> >> </plugins> >> >> to my broker. >> >> I already use my jaas config successfully to login to my web console with >> given credentials. But if I try to send a message to a queue I get the >> following error: >> >> DEBUG TransportConnection - Setting up new connection: >> /127.0.0.1:35604 >> WARN TransportConnection - Failed to add Connection >> java.lang.SecurityException: User name or password is invalid. >> at >> >> org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:83) >> at >> org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:82) >> at >> >> org.apache.activemq.broker.MutableBrokerFilter.addConnection(MutableBrokerFilter.java:89) >> at >> >> org.apache.activemq.broker.TransportConnection.processAddConnection(TransportConnection.java:679) >> at >> >> org.apache.activemq.broker.jmx.ManagedTransportConnection.processAddConnection(ManagedTransportConnection.java:86) >> at >> org.apache.activemq.command.ConnectionInfo.visit(ConnectionInfo.java:125) >> at >> >> org.apache.activemq.broker.TransportConnection.service(TransportConnection.java:305) >> at >> >> org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:179) >> at >> >> org.apache.activemq.transport.TransportFilter.onCommand(TransportFilter.java:68) >> at >> >> org.apache.activemq.transport.stomp.StompTransportFilter.sendToActiveMQ(StompTransportFilter.java:78) >> at >> >> org.apache.activemq.transport.stomp.ProtocolConverter.sendToActiveMQ(ProtocolConverter.java:135) >> at >> >> org.apache.activemq.transport.stomp.ProtocolConverter.onStompConnect(ProtocolConverter.java:475) >> at >> >> org.apache.activemq.transport.stomp.ProtocolConverter.onStompCommad(ProtocolConverter.java:187) >> at >> >> org.apache.activemq.transport.stomp.StompTransportFilter.onCommand(StompTransportFilter.java:67) >> at >> >> org.apache.activemq.transport.TransportSupport.doConsume(TransportSupport.java:84) >> at >> org.apache.activemq.transport.tcp.TcpTransport.doRun(TcpTransport.java:203) >> at >> org.apache.activemq.transport.tcp.TcpTransport.run(TcpTransport.java:185) >> at java.lang.Thread.run(Thread.java:619) >> Caused by: javax.security.auth.login.LoginException: Login Failure: all >> modules ignored >> at >> javax.security.auth.login.LoginContext.invoke(LoginContext.java:921) >> at >> javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) >> at >> javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) >> at java.security.AccessController.doPrivileged(Native Method) >> at >> javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) >> at >> javax.security.auth.login.LoginContext.login(LoginContext.java:579) >> at >> >> org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:76) >> ... 17 more >> DEBUG Service - Error occured while processing >> sync >> command: java.lang.SecurityException: User name or password is invalid. >> java.lang.SecurityException: User name or password is invalid. >> at >> >> org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:83) >> at >> org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:82) >> at >> >> org.apache.activemq.broker.MutableBrokerFilter.addConnection(MutableBrokerFilter.java:89) >> at >> >> org.apache.activemq.broker.TransportConnection.processAddConnection(TransportConnection.java:679) >> at >> >> org.apache.activemq.broker.jmx.ManagedTransportConnection.processAddConnection(ManagedTransportConnection.java:86) >> at >> org.apache.activemq.command.ConnectionInfo.visit(ConnectionInfo.java:125) >> at >> >> org.apache.activemq.broker.TransportConnection.service(TransportConnection.java:305) >> at >> >> org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:179) >> at >> >> org.apache.activemq.transport.TransportFilter.onCommand(TransportFilter.java:68) >> at >> >> org.apache.activemq.transport.stomp.StompTransportFilter.sendToActiveMQ(StompTransportFilter.java:78) >> at >> >> org.apache.activemq.transport.stomp.ProtocolConverter.sendToActiveMQ(ProtocolConverter.java:135) >> at >> >> org.apache.activemq.transport.stomp.ProtocolConverter.onStompConnect(ProtocolConverter.java:475) >> at >> >> org.apache.activemq.transport.stomp.ProtocolConverter.onStompCommad(ProtocolConverter.java:187) >> at >> >> org.apache.activemq.transport.stomp.StompTransportFilter.onCommand(StompTransportFilter.java:67) >> at >> >> org.apache.activemq.transport.TransportSupport.doConsume(TransportSupport.java:84) >> at >> org.apache.activemq.transport.tcp.TcpTransport.doRun(TcpTransport.java:203) >> at >> org.apache.activemq.transport.tcp.TcpTransport.run(TcpTransport.java:185) >> at java.lang.Thread.run(Thread.java:619) >> Caused by: javax.security.auth.login.LoginException: Login Failure: all >> modules ignored >> at >> javax.security.auth.login.LoginContext.invoke(LoginContext.java:921) >> at >> javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) >> at >> javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) >> at java.security.AccessController.doPrivileged(Native Method) >> at >> javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) >> at >> javax.security.auth.login.LoginContext.login(LoginContext.java:579) >> at >> >> org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:76) >> ... 17 more >> DEBUG Transport - Transport failed: >> java.io.IOException: User name or password is invalid. >> java.io.IOException: User name or password is invalid. >> at >> >> org.apache.activemq.util.IOExceptionSupport.create(IOExceptionSupport.java:39) >> at >> >> org.apache.activemq.transport.stomp.ProtocolConverter$2.onResponse(ProtocolConverter.java:482) >> at >> >> org.apache.activemq.transport.stomp.ProtocolConverter.onActiveMQCommad(ProtocolConverter.java:551) >> at >> >> org.apache.activemq.transport.stomp.StompTransportFilter.oneway(StompTransportFilter.java:56) >> at >> org.apache.activemq.transport.MutexTransport.oneway(MutexTransport.java:40) >> at >> >> org.apache.activemq.broker.TransportConnection.dispatch(TransportConnection.java:1207) >> at >> >> org.apache.activemq.broker.TransportConnection.processDispatch(TransportConnection.java:793) >> at >> >> org.apache.activemq.broker.TransportConnection.dispatchSync(TransportConnection.java:752) >> at >> >> org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:181) >> at >> >> org.apache.activemq.transport.TransportFilter.onCommand(TransportFilter.java:68) >> at >> >> org.apache.activemq.transport.stomp.StompTransportFilter.sendToActiveMQ(StompTransportFilter.java:78) >> at >> >> org.apache.activemq.transport.stomp.ProtocolConverter.sendToActiveMQ(ProtocolConverter.java:135) >> at >> >> org.apache.activemq.transport.stomp.ProtocolConverter.onStompConnect(ProtocolConverter.java:475) >> at >> >> org.apache.activemq.transport.stomp.ProtocolConverter.onStompCommad(ProtocolConverter.java:187) >> at >> >> org.apache.activemq.transport.stomp.StompTransportFilter.onCommand(StompTransportFilter.java:67) >> at >> >> org.apache.activemq.transport.TransportSupport.doConsume(TransportSupport.java:84) >> at >> org.apache.activemq.transport.tcp.TcpTransport.doRun(TcpTransport.java:203) >> at >> org.apache.activemq.transport.tcp.TcpTransport.run(TcpTransport.java:185) >> at java.lang.Thread.run(Thread.java:619) >> Caused by: java.lang.SecurityException: User name or password is invalid. >> at >> >> org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:83) >> at >> org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:82) >> at >> >> org.apache.activemq.broker.MutableBrokerFilter.addConnection(MutableBrokerFilter.java:89) >> at >> >> org.apache.activemq.broker.TransportConnection.processAddConnection(TransportConnection.java:679) >> at >> >> org.apache.activemq.broker.jmx.ManagedTransportConnection.processAddConnection(ManagedTransportConnection.java:86) >> at >> org.apache.activemq.command.ConnectionInfo.visit(ConnectionInfo.java:125) >> at >> >> org.apache.activemq.broker.TransportConnection.service(TransportConnection.java:305) >> at >> >> org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:179) >> ... 10 more >> Caused by: javax.security.auth.login.LoginException: Login Failure: all >> modules ignored >> at >> javax.security.auth.login.LoginContext.invoke(LoginContext.java:921) >> at >> javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) >> at >> javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) >> at java.security.AccessController.doPrivileged(Native Method) >> at >> javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) >> at >> javax.security.auth.login.LoginContext.login(LoginContext.java:579) >> at >> >> org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:76) >> ... 17 more >> DEBUG TransportConnection - Stopping connection: / >> 127.0.0.1:35604 >> DEBUG TcpTransport - Stopping transport >> tcp:///127.0.0.1:35604 >> DEBUG TransportConnection - Stopped transport: >> /127.0.0.1:35604 >> DEBUG TransportConnection - Cleaning up connection resources: >> /127.0.0.1:35604 >> WARN Service - Failed to remove connection >> ConnectionInfo {commandId = 0, responseRequired = true, connectionId = >> ID:tank2-58514-1230731215437-2:0, clientId = >> ID:tank2-58514-1230731215437-2:0, userName = system, password = manager, >> brokerPath = null, brokerMasterConnector = false, manageable = false, >> clientMaster = true} >> java.lang.SecurityException: User is not authenticated. >> at >> >> org.apache.activemq.security.AuthorizationBroker.addDestination(AuthorizationBroker.java:52) >> at >> >> org.apache.activemq.broker.MutableBrokerFilter.addDestination(MutableBrokerFilter.java:149) >> at >> org.apache.activemq.broker.region.RegionBroker.send(RegionBroker.java:417) >> at >> >> org.apache.activemq.broker.TransactionBroker.send(TransactionBroker.java:224) >> at >> >> org.apache.activemq.advisory.AdvisoryBroker.fireAdvisory(AdvisoryBroker.java:432) >> at >> >> org.apache.activemq.advisory.AdvisoryBroker.fireAdvisory(AdvisoryBroker.java:362) >> at >> >> org.apache.activemq.advisory.AdvisoryBroker.fireAdvisory(AdvisoryBroker.java:357) >> at >> >> org.apache.activemq.advisory.AdvisoryBroker.removeConnection(AdvisoryBroker.java:217) >> at >> >> org.apache.activemq.broker.BrokerFilter.removeConnection(BrokerFilter.java:110) >> at >> >> org.apache.activemq.broker.BrokerFilter.removeConnection(BrokerFilter.java:110) >> at >> >> org.apache.activemq.security.JaasAuthenticationBroker.removeConnection(JaasAuthenticationBroker.java:95) >> at >> >> org.apache.activemq.broker.BrokerFilter.removeConnection(BrokerFilter.java:110) >> at >> >> org.apache.activemq.broker.MutableBrokerFilter.removeConnection(MutableBrokerFilter.java:117) >> at >> >> org.apache.activemq.broker.TransportConnection.processRemoveConnection(TransportConnection.java:721) >> at >> >> org.apache.activemq.broker.TransportConnection.doStop(TransportConnection.java:1000) >> at >> >> org.apache.activemq.broker.jmx.ManagedTransportConnection.doStop(ManagedTransportConnection.java:74) >> at >> >> org.apache.activemq.broker.TransportConnection$3.run(TransportConnection.java:925) >> DEBUG TransportConnection - Connection Stopped: / >> 127.0.0.1:35604 >> >> >> Hope somone can help me =) >> >> kind regards, >> geezmo >> -- >> View this message in context: >> http://www.nabble.com/5.2.0-JAAS-Problem-tp21231778p21231778.html >> Sent from the ActiveMQ - User mailing list archive at Nabble.com. >> >> > > > ----- > Dejan Bosanac > > > http://www.ttmsolutions.com - get a free ActiveMQ user guide > > ActiveMQ in Action - http://www.manning.com/snyder/ > Scripting in Java - http://www.scriptinginjava.net > -- View this message in context: http://www.nabble.com/5.2.0-JAAS-Problem-tp21231778p21289107.html Sent from the ActiveMQ - User mailing list archive at Nabble.com.