Hello Dejan,

first thanks for you reply. I think I provide valid login data because
stated in the warning message

WARN  Service                        - Failed to remove connection
ConnectionInfo {commandId = 0, responseRequired = true, connectionId =
ID:tank2-58514-1230731215437-2:0, clientId =
ID:tank2-58514-1230731215437-2:0, userName = system, password = manager,
brokerPath = null, brokerMasterConnector = false, manageable = false,
clientMaster = true} 

there are username and password in my request.

Further the same error occurs, if I try to send a message over the web
console, which isn't a tragedy, but there I'm able to authenticate over my
jaas system.

cheers,
manuel


Dejan Bosanac wrote:
> 
> Hi,
> 
> it looks like you are trying to connect from Stomp client and you are not
> providing valid credentials. Can you check if you are passing username and
> password in your "connect" call.
> 
> Cheers
> --
> Dejan Bosanac
> 
> Open Source Integration - http://fusesource.com/
> ActiveMQ in Action - http://www.manning.com/snyder/
> Blog - http://www.nighttale.net
> 
> 
> On Wed, Dec 31, 2008 at 2:54 PM, geezmo <m...@netmonic.com> wrote:
> 
>>
>> Hello,
>>
>> I try to configure JAAS to secure my broker and web console. Therefore I
>> created login.config file with
>>
>> ActiveMQ {
>>        org.mortbay.jetty.plus.jaas.spi.PropertyFileLoginModule required
>>        debug="true"
>>        file="/full/path/to/realm.properties";
>> };
>>
>> and my realm properties looks like
>>
>> system: manager,admins
>>
>> Further I added
>>
>> <plugins>
>>
>>                        <jaasAuthenticationPlugin configuration="ActiveMQ"
>> />
>>
>>                        <!--  lets configure a destination based
>> authorization mechanism -->
>>                        <authorizationPlugin>
>>                                <map>
>>                                        <authorizationMap>
>>                                                <authorizationEntries>
>>                                                       
>> <authorizationEntry
>> queue=">" read="admins"
>>
>>  write="admins" admin="admins" />
>>
>>                                                       
>> <authorizationEntry
>> topic=">" read="admins"
>>
>>  write="admins" admin="admins" />
>>                                                </authorizationEntries>
>>
>>
>>  <tempDestinationAuthorizationEntry>
>>
>>  <tempDestinationAuthorizationEntry
>>
>>  read="admins" write="admins" admin="admins" />
>>
>>  </tempDestinationAuthorizationEntry>
>>                                        </authorizationMap>
>>                                </map>
>>                        </authorizationPlugin>
>>                </plugins>
>>
>> to my broker.
>>
>> I already use my jaas config successfully to login to my web console with
>> given credentials. But if I try to send a message to a queue I get the
>> following error:
>>
>> DEBUG TransportConnection            - Setting up new connection:
>> /127.0.0.1:35604
>> WARN  TransportConnection            - Failed to add Connection
>> java.lang.SecurityException: User name or password is invalid.
>>        at
>>
>> org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:83)
>>        at
>> org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:82)
>>        at
>>
>> org.apache.activemq.broker.MutableBrokerFilter.addConnection(MutableBrokerFilter.java:89)
>>        at
>>
>> org.apache.activemq.broker.TransportConnection.processAddConnection(TransportConnection.java:679)
>>        at
>>
>> org.apache.activemq.broker.jmx.ManagedTransportConnection.processAddConnection(ManagedTransportConnection.java:86)
>>        at
>> org.apache.activemq.command.ConnectionInfo.visit(ConnectionInfo.java:125)
>>        at
>>
>> org.apache.activemq.broker.TransportConnection.service(TransportConnection.java:305)
>>        at
>>
>> org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:179)
>>        at
>>
>> org.apache.activemq.transport.TransportFilter.onCommand(TransportFilter.java:68)
>>        at
>>
>> org.apache.activemq.transport.stomp.StompTransportFilter.sendToActiveMQ(StompTransportFilter.java:78)
>>        at
>>
>> org.apache.activemq.transport.stomp.ProtocolConverter.sendToActiveMQ(ProtocolConverter.java:135)
>>        at
>>
>> org.apache.activemq.transport.stomp.ProtocolConverter.onStompConnect(ProtocolConverter.java:475)
>>        at
>>
>> org.apache.activemq.transport.stomp.ProtocolConverter.onStompCommad(ProtocolConverter.java:187)
>>        at
>>
>> org.apache.activemq.transport.stomp.StompTransportFilter.onCommand(StompTransportFilter.java:67)
>>        at
>>
>> org.apache.activemq.transport.TransportSupport.doConsume(TransportSupport.java:84)
>>        at
>> org.apache.activemq.transport.tcp.TcpTransport.doRun(TcpTransport.java:203)
>>        at
>> org.apache.activemq.transport.tcp.TcpTransport.run(TcpTransport.java:185)
>>        at java.lang.Thread.run(Thread.java:619)
>> Caused by: javax.security.auth.login.LoginException: Login Failure: all
>> modules ignored
>>        at
>> javax.security.auth.login.LoginContext.invoke(LoginContext.java:921)
>>        at
>> javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
>>        at
>> javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
>>        at java.security.AccessController.doPrivileged(Native Method)
>>        at
>> javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
>>        at
>> javax.security.auth.login.LoginContext.login(LoginContext.java:579)
>>        at
>>
>> org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:76)
>>        ... 17 more
>> DEBUG Service                        - Error occured while processing
>> sync
>> command: java.lang.SecurityException: User name or password is invalid.
>> java.lang.SecurityException: User name or password is invalid.
>>        at
>>
>> org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:83)
>>        at
>> org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:82)
>>        at
>>
>> org.apache.activemq.broker.MutableBrokerFilter.addConnection(MutableBrokerFilter.java:89)
>>        at
>>
>> org.apache.activemq.broker.TransportConnection.processAddConnection(TransportConnection.java:679)
>>        at
>>
>> org.apache.activemq.broker.jmx.ManagedTransportConnection.processAddConnection(ManagedTransportConnection.java:86)
>>        at
>> org.apache.activemq.command.ConnectionInfo.visit(ConnectionInfo.java:125)
>>        at
>>
>> org.apache.activemq.broker.TransportConnection.service(TransportConnection.java:305)
>>        at
>>
>> org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:179)
>>        at
>>
>> org.apache.activemq.transport.TransportFilter.onCommand(TransportFilter.java:68)
>>        at
>>
>> org.apache.activemq.transport.stomp.StompTransportFilter.sendToActiveMQ(StompTransportFilter.java:78)
>>        at
>>
>> org.apache.activemq.transport.stomp.ProtocolConverter.sendToActiveMQ(ProtocolConverter.java:135)
>>        at
>>
>> org.apache.activemq.transport.stomp.ProtocolConverter.onStompConnect(ProtocolConverter.java:475)
>>        at
>>
>> org.apache.activemq.transport.stomp.ProtocolConverter.onStompCommad(ProtocolConverter.java:187)
>>        at
>>
>> org.apache.activemq.transport.stomp.StompTransportFilter.onCommand(StompTransportFilter.java:67)
>>        at
>>
>> org.apache.activemq.transport.TransportSupport.doConsume(TransportSupport.java:84)
>>        at
>> org.apache.activemq.transport.tcp.TcpTransport.doRun(TcpTransport.java:203)
>>        at
>> org.apache.activemq.transport.tcp.TcpTransport.run(TcpTransport.java:185)
>>        at java.lang.Thread.run(Thread.java:619)
>> Caused by: javax.security.auth.login.LoginException: Login Failure: all
>> modules ignored
>>        at
>> javax.security.auth.login.LoginContext.invoke(LoginContext.java:921)
>>        at
>> javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
>>        at
>> javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
>>        at java.security.AccessController.doPrivileged(Native Method)
>>        at
>> javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
>>        at
>> javax.security.auth.login.LoginContext.login(LoginContext.java:579)
>>        at
>>
>> org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:76)
>>        ... 17 more
>> DEBUG Transport                      - Transport failed:
>> java.io.IOException: User name or password is invalid.
>> java.io.IOException: User name or password is invalid.
>>        at
>>
>> org.apache.activemq.util.IOExceptionSupport.create(IOExceptionSupport.java:39)
>>        at
>>
>> org.apache.activemq.transport.stomp.ProtocolConverter$2.onResponse(ProtocolConverter.java:482)
>>        at
>>
>> org.apache.activemq.transport.stomp.ProtocolConverter.onActiveMQCommad(ProtocolConverter.java:551)
>>        at
>>
>> org.apache.activemq.transport.stomp.StompTransportFilter.oneway(StompTransportFilter.java:56)
>>        at
>> org.apache.activemq.transport.MutexTransport.oneway(MutexTransport.java:40)
>>        at
>>
>> org.apache.activemq.broker.TransportConnection.dispatch(TransportConnection.java:1207)
>>        at
>>
>> org.apache.activemq.broker.TransportConnection.processDispatch(TransportConnection.java:793)
>>        at
>>
>> org.apache.activemq.broker.TransportConnection.dispatchSync(TransportConnection.java:752)
>>        at
>>
>> org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:181)
>>        at
>>
>> org.apache.activemq.transport.TransportFilter.onCommand(TransportFilter.java:68)
>>        at
>>
>> org.apache.activemq.transport.stomp.StompTransportFilter.sendToActiveMQ(StompTransportFilter.java:78)
>>        at
>>
>> org.apache.activemq.transport.stomp.ProtocolConverter.sendToActiveMQ(ProtocolConverter.java:135)
>>        at
>>
>> org.apache.activemq.transport.stomp.ProtocolConverter.onStompConnect(ProtocolConverter.java:475)
>>        at
>>
>> org.apache.activemq.transport.stomp.ProtocolConverter.onStompCommad(ProtocolConverter.java:187)
>>        at
>>
>> org.apache.activemq.transport.stomp.StompTransportFilter.onCommand(StompTransportFilter.java:67)
>>        at
>>
>> org.apache.activemq.transport.TransportSupport.doConsume(TransportSupport.java:84)
>>        at
>> org.apache.activemq.transport.tcp.TcpTransport.doRun(TcpTransport.java:203)
>>        at
>> org.apache.activemq.transport.tcp.TcpTransport.run(TcpTransport.java:185)
>>        at java.lang.Thread.run(Thread.java:619)
>> Caused by: java.lang.SecurityException: User name or password is invalid.
>>        at
>>
>> org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:83)
>>        at
>> org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:82)
>>        at
>>
>> org.apache.activemq.broker.MutableBrokerFilter.addConnection(MutableBrokerFilter.java:89)
>>        at
>>
>> org.apache.activemq.broker.TransportConnection.processAddConnection(TransportConnection.java:679)
>>        at
>>
>> org.apache.activemq.broker.jmx.ManagedTransportConnection.processAddConnection(ManagedTransportConnection.java:86)
>>        at
>> org.apache.activemq.command.ConnectionInfo.visit(ConnectionInfo.java:125)
>>        at
>>
>> org.apache.activemq.broker.TransportConnection.service(TransportConnection.java:305)
>>        at
>>
>> org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:179)
>>        ... 10 more
>> Caused by: javax.security.auth.login.LoginException: Login Failure: all
>> modules ignored
>>        at
>> javax.security.auth.login.LoginContext.invoke(LoginContext.java:921)
>>        at
>> javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
>>        at
>> javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
>>        at java.security.AccessController.doPrivileged(Native Method)
>>        at
>> javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
>>        at
>> javax.security.auth.login.LoginContext.login(LoginContext.java:579)
>>        at
>>
>> org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:76)
>>        ... 17 more
>> DEBUG TransportConnection            - Stopping connection: /
>> 127.0.0.1:35604
>> DEBUG TcpTransport                   - Stopping transport
>> tcp:///127.0.0.1:35604
>> DEBUG TransportConnection            - Stopped transport:
>> /127.0.0.1:35604
>> DEBUG TransportConnection            - Cleaning up connection resources:
>> /127.0.0.1:35604
>> WARN  Service                        - Failed to remove connection
>> ConnectionInfo {commandId = 0, responseRequired = true, connectionId =
>> ID:tank2-58514-1230731215437-2:0, clientId =
>> ID:tank2-58514-1230731215437-2:0, userName = system, password = manager,
>> brokerPath = null, brokerMasterConnector = false, manageable = false,
>> clientMaster = true}
>> java.lang.SecurityException: User is not authenticated.
>>        at
>>
>> org.apache.activemq.security.AuthorizationBroker.addDestination(AuthorizationBroker.java:52)
>>        at
>>
>> org.apache.activemq.broker.MutableBrokerFilter.addDestination(MutableBrokerFilter.java:149)
>>        at
>> org.apache.activemq.broker.region.RegionBroker.send(RegionBroker.java:417)
>>        at
>>
>> org.apache.activemq.broker.TransactionBroker.send(TransactionBroker.java:224)
>>        at
>>
>> org.apache.activemq.advisory.AdvisoryBroker.fireAdvisory(AdvisoryBroker.java:432)
>>        at
>>
>> org.apache.activemq.advisory.AdvisoryBroker.fireAdvisory(AdvisoryBroker.java:362)
>>        at
>>
>> org.apache.activemq.advisory.AdvisoryBroker.fireAdvisory(AdvisoryBroker.java:357)
>>        at
>>
>> org.apache.activemq.advisory.AdvisoryBroker.removeConnection(AdvisoryBroker.java:217)
>>        at
>>
>> org.apache.activemq.broker.BrokerFilter.removeConnection(BrokerFilter.java:110)
>>        at
>>
>> org.apache.activemq.broker.BrokerFilter.removeConnection(BrokerFilter.java:110)
>>        at
>>
>> org.apache.activemq.security.JaasAuthenticationBroker.removeConnection(JaasAuthenticationBroker.java:95)
>>        at
>>
>> org.apache.activemq.broker.BrokerFilter.removeConnection(BrokerFilter.java:110)
>>        at
>>
>> org.apache.activemq.broker.MutableBrokerFilter.removeConnection(MutableBrokerFilter.java:117)
>>        at
>>
>> org.apache.activemq.broker.TransportConnection.processRemoveConnection(TransportConnection.java:721)
>>        at
>>
>> org.apache.activemq.broker.TransportConnection.doStop(TransportConnection.java:1000)
>>        at
>>
>> org.apache.activemq.broker.jmx.ManagedTransportConnection.doStop(ManagedTransportConnection.java:74)
>>        at
>>
>> org.apache.activemq.broker.TransportConnection$3.run(TransportConnection.java:925)
>> DEBUG TransportConnection            - Connection Stopped: /
>> 127.0.0.1:35604
>>
>>
>> Hope somone can help me =)
>>
>> kind regards,
>> geezmo
>> --
>> View this message in context:
>> http://www.nabble.com/5.2.0-JAAS-Problem-tp21231778p21231778.html
>> Sent from the ActiveMQ - User mailing list archive at Nabble.com.
>>
>>
> 
> 
> -----
> Dejan Bosanac
> 
> 
> http://www.ttmsolutions.com - get a free ActiveMQ user guide
> 
> ActiveMQ in Action - http://www.manning.com/snyder/
> Scripting in Java - http://www.scriptinginjava.net
> 

-- 
View this message in context: 
http://www.nabble.com/5.2.0-JAAS-Problem-tp21231778p21289107.html
Sent from the ActiveMQ - User mailing list archive at Nabble.com.

Reply via email to