Hello Dejan,
first thanks for you reply. I think I provide valid login data because
stated in the warning message
WARN Service - Failed to remove connection
ConnectionInfo {commandId = 0, responseRequired = true, connectionId =
ID:tank2-58514-1230731215437-2:0, clientId =
ID:tank2-58514-1230731215437-2:0, userName = system, password = manager,
brokerPath = null, brokerMasterConnector = false, manageable = false,
clientMaster = true}
there are username and password in my request.
Further the same error occurs, if I try to send a message over the web
console, which isn't a tragedy, but there I'm able to authenticate over my
jaas system.
cheers,
manuel
Dejan Bosanac wrote:
>
> Hi,
>
> it looks like you are trying to connect from Stomp client and you are not
> providing valid credentials. Can you check if you are passing username and
> password in your "connect" call.
>
> Cheers
> --
> Dejan Bosanac
>
> Open Source Integration - http://fusesource.com/
> ActiveMQ in Action - http://www.manning.com/snyder/
> Blog - http://www.nighttale.net
>
>
> On Wed, Dec 31, 2008 at 2:54 PM, geezmo <m...@netmonic.com> wrote:
>
>>
>> Hello,
>>
>> I try to configure JAAS to secure my broker and web console. Therefore I
>> created login.config file with
>>
>> ActiveMQ {
>> org.mortbay.jetty.plus.jaas.spi.PropertyFileLoginModule required
>> debug="true"
>> file="/full/path/to/realm.properties";
>> };
>>
>> and my realm properties looks like
>>
>> system: manager,admins
>>
>> Further I added
>>
>> <plugins>
>>
>> <jaasAuthenticationPlugin configuration="ActiveMQ"
>> />
>>
>> <!-- lets configure a destination based
>> authorization mechanism -->
>> <authorizationPlugin>
>> <map>
>> <authorizationMap>
>> <authorizationEntries>
>>
>> <authorizationEntry
>> queue=">" read="admins"
>>
>> write="admins" admin="admins" />
>>
>>
>> <authorizationEntry
>> topic=">" read="admins"
>>
>> write="admins" admin="admins" />
>> </authorizationEntries>
>>
>>
>> <tempDestinationAuthorizationEntry>
>>
>> <tempDestinationAuthorizationEntry
>>
>> read="admins" write="admins" admin="admins" />
>>
>> </tempDestinationAuthorizationEntry>
>> </authorizationMap>
>> </map>
>> </authorizationPlugin>
>> </plugins>
>>
>> to my broker.
>>
>> I already use my jaas config successfully to login to my web console with
>> given credentials. But if I try to send a message to a queue I get the
>> following error:
>>
>> DEBUG TransportConnection - Setting up new connection:
>> /127.0.0.1:35604
>> WARN TransportConnection - Failed to add Connection
>> java.lang.SecurityException: User name or password is invalid.
>> at
>>
>> org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:83)
>> at
>> org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:82)
>> at
>>
>> org.apache.activemq.broker.MutableBrokerFilter.addConnection(MutableBrokerFilter.java:89)
>> at
>>
>> org.apache.activemq.broker.TransportConnection.processAddConnection(TransportConnection.java:679)
>> at
>>
>> org.apache.activemq.broker.jmx.ManagedTransportConnection.processAddConnection(ManagedTransportConnection.java:86)
>> at
>> org.apache.activemq.command.ConnectionInfo.visit(ConnectionInfo.java:125)
>> at
>>
>> org.apache.activemq.broker.TransportConnection.service(TransportConnection.java:305)
>> at
>>
>> org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:179)
>> at
>>
>> org.apache.activemq.transport.TransportFilter.onCommand(TransportFilter.java:68)
>> at
>>
>> org.apache.activemq.transport.stomp.StompTransportFilter.sendToActiveMQ(StompTransportFilter.java:78)
>> at
>>
>> org.apache.activemq.transport.stomp.ProtocolConverter.sendToActiveMQ(ProtocolConverter.java:135)
>> at
>>
>> org.apache.activemq.transport.stomp.ProtocolConverter.onStompConnect(ProtocolConverter.java:475)
>> at
>>
>> org.apache.activemq.transport.stomp.ProtocolConverter.onStompCommad(ProtocolConverter.java:187)
>> at
>>
>> org.apache.activemq.transport.stomp.StompTransportFilter.onCommand(StompTransportFilter.java:67)
>> at
>>
>> org.apache.activemq.transport.TransportSupport.doConsume(TransportSupport.java:84)
>> at
>> org.apache.activemq.transport.tcp.TcpTransport.doRun(TcpTransport.java:203)
>> at
>> org.apache.activemq.transport.tcp.TcpTransport.run(TcpTransport.java:185)
>> at java.lang.Thread.run(Thread.java:619)
>> Caused by: javax.security.auth.login.LoginException: Login Failure: all
>> modules ignored
>> at
>> javax.security.auth.login.LoginContext.invoke(LoginContext.java:921)
>> at
>> javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
>> at
>> javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
>> at java.security.AccessController.doPrivileged(Native Method)
>> at
>> javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
>> at
>> javax.security.auth.login.LoginContext.login(LoginContext.java:579)
>> at
>>
>> org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:76)
>> ... 17 more
>> DEBUG Service - Error occured while processing
>> sync
>> command: java.lang.SecurityException: User name or password is invalid.
>> java.lang.SecurityException: User name or password is invalid.
>> at
>>
>> org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:83)
>> at
>> org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:82)
>> at
>>
>> org.apache.activemq.broker.MutableBrokerFilter.addConnection(MutableBrokerFilter.java:89)
>> at
>>
>> org.apache.activemq.broker.TransportConnection.processAddConnection(TransportConnection.java:679)
>> at
>>
>> org.apache.activemq.broker.jmx.ManagedTransportConnection.processAddConnection(ManagedTransportConnection.java:86)
>> at
>> org.apache.activemq.command.ConnectionInfo.visit(ConnectionInfo.java:125)
>> at
>>
>> org.apache.activemq.broker.TransportConnection.service(TransportConnection.java:305)
>> at
>>
>> org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:179)
>> at
>>
>> org.apache.activemq.transport.TransportFilter.onCommand(TransportFilter.java:68)
>> at
>>
>> org.apache.activemq.transport.stomp.StompTransportFilter.sendToActiveMQ(StompTransportFilter.java:78)
>> at
>>
>> org.apache.activemq.transport.stomp.ProtocolConverter.sendToActiveMQ(ProtocolConverter.java:135)
>> at
>>
>> org.apache.activemq.transport.stomp.ProtocolConverter.onStompConnect(ProtocolConverter.java:475)
>> at
>>
>> org.apache.activemq.transport.stomp.ProtocolConverter.onStompCommad(ProtocolConverter.java:187)
>> at
>>
>> org.apache.activemq.transport.stomp.StompTransportFilter.onCommand(StompTransportFilter.java:67)
>> at
>>
>> org.apache.activemq.transport.TransportSupport.doConsume(TransportSupport.java:84)
>> at
>> org.apache.activemq.transport.tcp.TcpTransport.doRun(TcpTransport.java:203)
>> at
>> org.apache.activemq.transport.tcp.TcpTransport.run(TcpTransport.java:185)
>> at java.lang.Thread.run(Thread.java:619)
>> Caused by: javax.security.auth.login.LoginException: Login Failure: all
>> modules ignored
>> at
>> javax.security.auth.login.LoginContext.invoke(LoginContext.java:921)
>> at
>> javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
>> at
>> javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
>> at java.security.AccessController.doPrivileged(Native Method)
>> at
>> javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
>> at
>> javax.security.auth.login.LoginContext.login(LoginContext.java:579)
>> at
>>
>> org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:76)
>> ... 17 more
>> DEBUG Transport - Transport failed:
>> java.io.IOException: User name or password is invalid.
>> java.io.IOException: User name or password is invalid.
>> at
>>
>> org.apache.activemq.util.IOExceptionSupport.create(IOExceptionSupport.java:39)
>> at
>>
>> org.apache.activemq.transport.stomp.ProtocolConverter$2.onResponse(ProtocolConverter.java:482)
>> at
>>
>> org.apache.activemq.transport.stomp.ProtocolConverter.onActiveMQCommad(ProtocolConverter.java:551)
>> at
>>
>> org.apache.activemq.transport.stomp.StompTransportFilter.oneway(StompTransportFilter.java:56)
>> at
>> org.apache.activemq.transport.MutexTransport.oneway(MutexTransport.java:40)
>> at
>>
>> org.apache.activemq.broker.TransportConnection.dispatch(TransportConnection.java:1207)
>> at
>>
>> org.apache.activemq.broker.TransportConnection.processDispatch(TransportConnection.java:793)
>> at
>>
>> org.apache.activemq.broker.TransportConnection.dispatchSync(TransportConnection.java:752)
>> at
>>
>> org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:181)
>> at
>>
>> org.apache.activemq.transport.TransportFilter.onCommand(TransportFilter.java:68)
>> at
>>
>> org.apache.activemq.transport.stomp.StompTransportFilter.sendToActiveMQ(StompTransportFilter.java:78)
>> at
>>
>> org.apache.activemq.transport.stomp.ProtocolConverter.sendToActiveMQ(ProtocolConverter.java:135)
>> at
>>
>> org.apache.activemq.transport.stomp.ProtocolConverter.onStompConnect(ProtocolConverter.java:475)
>> at
>>
>> org.apache.activemq.transport.stomp.ProtocolConverter.onStompCommad(ProtocolConverter.java:187)
>> at
>>
>> org.apache.activemq.transport.stomp.StompTransportFilter.onCommand(StompTransportFilter.java:67)
>> at
>>
>> org.apache.activemq.transport.TransportSupport.doConsume(TransportSupport.java:84)
>> at
>> org.apache.activemq.transport.tcp.TcpTransport.doRun(TcpTransport.java:203)
>> at
>> org.apache.activemq.transport.tcp.TcpTransport.run(TcpTransport.java:185)
>> at java.lang.Thread.run(Thread.java:619)
>> Caused by: java.lang.SecurityException: User name or password is invalid.
>> at
>>
>> org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:83)
>> at
>> org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:82)
>> at
>>
>> org.apache.activemq.broker.MutableBrokerFilter.addConnection(MutableBrokerFilter.java:89)
>> at
>>
>> org.apache.activemq.broker.TransportConnection.processAddConnection(TransportConnection.java:679)
>> at
>>
>> org.apache.activemq.broker.jmx.ManagedTransportConnection.processAddConnection(ManagedTransportConnection.java:86)
>> at
>> org.apache.activemq.command.ConnectionInfo.visit(ConnectionInfo.java:125)
>> at
>>
>> org.apache.activemq.broker.TransportConnection.service(TransportConnection.java:305)
>> at
>>
>> org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:179)
>> ... 10 more
>> Caused by: javax.security.auth.login.LoginException: Login Failure: all
>> modules ignored
>> at
>> javax.security.auth.login.LoginContext.invoke(LoginContext.java:921)
>> at
>> javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
>> at
>> javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
>> at java.security.AccessController.doPrivileged(Native Method)
>> at
>> javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
>> at
>> javax.security.auth.login.LoginContext.login(LoginContext.java:579)
>> at
>>
>> org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:76)
>> ... 17 more
>> DEBUG TransportConnection - Stopping connection: /
>> 127.0.0.1:35604
>> DEBUG TcpTransport - Stopping transport
>> tcp:///127.0.0.1:35604
>> DEBUG TransportConnection - Stopped transport:
>> /127.0.0.1:35604
>> DEBUG TransportConnection - Cleaning up connection resources:
>> /127.0.0.1:35604
>> WARN Service - Failed to remove connection
>> ConnectionInfo {commandId = 0, responseRequired = true, connectionId =
>> ID:tank2-58514-1230731215437-2:0, clientId =
>> ID:tank2-58514-1230731215437-2:0, userName = system, password = manager,
>> brokerPath = null, brokerMasterConnector = false, manageable = false,
>> clientMaster = true}
>> java.lang.SecurityException: User is not authenticated.
>> at
>>
>> org.apache.activemq.security.AuthorizationBroker.addDestination(AuthorizationBroker.java:52)
>> at
>>
>> org.apache.activemq.broker.MutableBrokerFilter.addDestination(MutableBrokerFilter.java:149)
>> at
>> org.apache.activemq.broker.region.RegionBroker.send(RegionBroker.java:417)
>> at
>>
>> org.apache.activemq.broker.TransactionBroker.send(TransactionBroker.java:224)
>> at
>>
>> org.apache.activemq.advisory.AdvisoryBroker.fireAdvisory(AdvisoryBroker.java:432)
>> at
>>
>> org.apache.activemq.advisory.AdvisoryBroker.fireAdvisory(AdvisoryBroker.java:362)
>> at
>>
>> org.apache.activemq.advisory.AdvisoryBroker.fireAdvisory(AdvisoryBroker.java:357)
>> at
>>
>> org.apache.activemq.advisory.AdvisoryBroker.removeConnection(AdvisoryBroker.java:217)
>> at
>>
>> org.apache.activemq.broker.BrokerFilter.removeConnection(BrokerFilter.java:110)
>> at
>>
>> org.apache.activemq.broker.BrokerFilter.removeConnection(BrokerFilter.java:110)
>> at
>>
>> org.apache.activemq.security.JaasAuthenticationBroker.removeConnection(JaasAuthenticationBroker.java:95)
>> at
>>
>> org.apache.activemq.broker.BrokerFilter.removeConnection(BrokerFilter.java:110)
>> at
>>
>> org.apache.activemq.broker.MutableBrokerFilter.removeConnection(MutableBrokerFilter.java:117)
>> at
>>
>> org.apache.activemq.broker.TransportConnection.processRemoveConnection(TransportConnection.java:721)
>> at
>>
>> org.apache.activemq.broker.TransportConnection.doStop(TransportConnection.java:1000)
>> at
>>
>> org.apache.activemq.broker.jmx.ManagedTransportConnection.doStop(ManagedTransportConnection.java:74)
>> at
>>
>> org.apache.activemq.broker.TransportConnection$3.run(TransportConnection.java:925)
>> DEBUG TransportConnection - Connection Stopped: /
>> 127.0.0.1:35604
>>
>>
>> Hope somone can help me =)
>>
>> kind regards,
>> geezmo
>> --
>> View this message in context:
>> http://www.nabble.com/5.2.0-JAAS-Problem-tp21231778p21231778.html
>> Sent from the ActiveMQ - User mailing list archive at Nabble.com.
>>
>>
>
>
> -----
> Dejan Bosanac
>
>
> http://www.ttmsolutions.com - get a free ActiveMQ user guide
>
> ActiveMQ in Action - http://www.manning.com/snyder/
> Scripting in Java - http://www.scriptinginjava.net
>
--
View this message in context:
http://www.nabble.com/5.2.0-JAAS-Problem-tp21231778p21289107.html
Sent from the ActiveMQ - User mailing list archive at Nabble.com.
