No good. I should note that I'm combining LDAP authenticate with simple authorization. Is that possible?
Chris On Wed, Feb 1, 2012 at 12:42 PM, Matt Pavlovich <[email protected]> wrote: > My bad.. the default is "s" in the ActiveMQ src. This is where you would > specify "ssl" or not. I think the problem is that you have it empty, so > its parsing as NULL, and you are getting the error. Try not setting it, > and see if the default works for you. > > > On 2/1/12 12:22 PM, Chris Robison wrote: > >> I'm trying to use the LDAP login module to tie into Active Directory. >> Here's what my AMQ conf looks like: >> >> <plugins> >> <jaasAuthenticationPlugin configuration="ldap-login" /> >> <authorizationPlugin> >> <map> >> <authorizationMap> >> <authorizationEntries> >> <authorizationEntry queue=">" read="MQCoreAdmin" write="MQCoreAdmin" >> admin="MQCoreAdmin" /> >> <authorizationEntry topic=">" read="MQCoreAdmin" write="MQCoreAdmin" >> admin="MQCoreAdmin" /> >> </authorizationEntries> >> </authorizationMap> >> </map> >> </authorizationPlugin> >> </plugins> >> >> Here is what the login.config looks like: >> >> ldap-login { >> org.apache.activemq.jaas.**LDAPLoginModule required >> debug=true >> initialContextFactory=com.sun.**jndi.ldap.LdapCtxFactory >> connectionURL="ldap://dc101.**cdr.corp"; >> connectionUsername="CN=AMQ Service User,CN=Users,DC=cdr,DC=corp" >> connectionPassword=Password! >> connectionProtocol="" >> authentication=simple >> userBase="OU=Users,OU=**ActiveMQ,DC=cdr,DC=corp" >> userSearchMatching="(**samaccountname={0})" >> userSearchSubtree=false >> roleBase="OU=Groups,OU=**ActiveMQ,DC=cdr,DC=corp" >> roleName=cn >> roleSearchMatching="(member={**0})" >> roleSearchSubtree=false >> ; >> }; >> >> I'm trying to simply connect another broker to this broker. Here is the >> network connector config that I'm using on the second broker: >> >> <networkConnectors> >> <networkConnector uri="static:(tcp://localhost:**61616)" >> duplex="true" userName="mqsiteuser1" password="Password!"/> >> </networkConnectors> >> >> Here's the exception I'm getting in the logs: >> >> 2012-02-01 11:14:07,064 | WARN | Failed to add Connection >> ID:ubuntu1-54051-**1328120046405-2:1, reason: >> java.lang.SecurityException: >> User name or password is invalid. | >> org.apache.activemq.broker.**TransportConnection | ActiveMQ Transport: >> tcp:/// >> 127.0.0.1:45176 >> 2012-02-01 11:14:07,070 | DEBUG | Exception detail: | >> org.apache.activemq.broker.**TransportConnection | ActiveMQ Transport: >> tcp:/// >> 127.0.0.1:45176 >> java.lang.SecurityException: User name or password is invalid. >> at >> org.apache.activemq.security.**JaasAuthenticationBroker.**addConnection(* >> *JaasAuthenticationBroker.java:**83) >> at >> org.apache.activemq.broker.**BrokerFilter.addConnection(** >> BrokerFilter.java:85) >> at >> org.apache.activemq.broker.**MutableBrokerFilter.**addConnection(** >> MutableBrokerFilter.java:91) >> at >> org.apache.activemq.broker.**TransportConnection.**processAddConnection(* >> *TransportConnection.java:692) >> at org.apache.activemq.command.**ConnectionInfo.visit(** >> ConnectionInfo.java:137) >> at >> org.apache.activemq.broker.**TransportConnection.service(** >> TransportConnection.java:306) >> at >> org.apache.activemq.broker.**TransportConnection$1.** >> onCommand(TransportConnection.**java:179) >> at >> org.apache.activemq.transport.**ResponseCorrelator.onCommand(** >> ResponseCorrelator.java:116) >> at >> org.apache.activemq.transport.**TransportFilter.onCommand(** >> TransportFilter.java:69) >> at >> org.apache.activemq.transport.**vm.VMTransport.dispatch(** >> VMTransport.java:121) >> at org.apache.activemq.transport.**vm.VMTransport.oneway(** >> VMTransport.java:112) >> at >> org.apache.activemq.transport.**MutexTransport.oneway(** >> MutexTransport.java:40) >> at >> org.apache.activemq.transport.**ResponseCorrelator.oneway(** >> ResponseCorrelator.java:60) >> at >> org.apache.activemq.network.**DemandForwardingBridgeSupport.** >> serviceRemoteCommand(**DemandForwardingBridgeSupport.**java:516) >> at >> org.apache.activemq.network.**DemandForwardingBridgeSupport$** >> 2.onCommand(**DemandForwardingBridgeSupport.**java:165) >> at >> org.apache.activemq.transport.**ResponseCorrelator.onCommand(** >> ResponseCorrelator.java:116) >> at >> org.apache.activemq.transport.**TransportFilter.onCommand(** >> TransportFilter.java:69) >> at >> org.apache.activemq.transport.**WireFormatNegotiator.**onCommand(** >> WireFormatNegotiator.java:113) >> at >> org.apache.activemq.transport.**InactivityMonitor.onCommand(** >> InactivityMonitor.java:227) >> at >> org.apache.activemq.transport.**TransportSupport.doConsume(** >> TransportSupport.java:83) >> at >> org.apache.activemq.transport.**tcp.TcpTransport.doRun(** >> TcpTransport.java:220) >> at org.apache.activemq.transport.**tcp.TcpTransport.run(** >> TcpTransport.java:202) >> at java.lang.Thread.run(Thread.**java:679) >> Caused by: java.lang.SecurityException: Configuration Error: >> Line 6: expected [option key], found [null] >> at com.sun.security.auth.login.**ConfigFile.<init>(ConfigFile.**java:110) >> at sun.reflect.**NativeConstructorAccessorImpl.**newInstance0(Native >> Method) >> at >> sun.reflect.**NativeConstructorAccessorImpl.**newInstance(** >> NativeConstructorAccessorImpl.**java:57) >> at >> sun.reflect.**DelegatingConstructorAccessorI**mpl.newInstance(** >> DelegatingConstructorAccessorI**mpl.java:45) >> at java.lang.reflect.Constructor.**newInstance(Constructor.java:**532) >> at java.lang.Class.newInstance0(**Class.java:372) >> at java.lang.Class.newInstance(**Class.java:325) >> at javax.security.auth.login.**Configuration$3.run(** >> Configuration.java:264) >> at javax.security.auth.login.**Configuration$3.run(** >> Configuration.java:260) >> at java.security.**AccessController.doPrivileged(**Native Method) >> at >> javax.security.auth.login.**Configuration.**getConfiguration(** >> Configuration.java:259) >> at javax.security.auth.login.**LoginContext$1.run(** >> LoginContext.java:254) >> at javax.security.auth.login.**LoginContext$1.run(** >> LoginContext.java:252) >> at java.security.**AccessController.doPrivileged(**Native Method) >> at javax.security.auth.login.**LoginContext.init(**LoginContext.java:251) >> at javax.security.auth.login.**LoginContext.<init>(** >> LoginContext.java:418) >> at >> org.apache.activemq.security.**JaasAuthenticationBroker.**addConnection(* >> *JaasAuthenticationBroker.java:**75) >> ... 22 more >> Caused by: java.io.IOException: Configuration Error: >> Line 6: expected [option key], found [null] >> at com.sun.security.auth.login.**ConfigFile.match(ConfigFile.**java:577) >> at >> com.sun.security.auth.login.**ConfigFile.parseLoginEntry(** >> ConfigFile.java:440) >> at com.sun.security.auth.login.**ConfigFile.readConfig(** >> ConfigFile.java:383) >> at com.sun.security.auth.login.**ConfigFile.init(ConfigFile.**java:283) >> at com.sun.security.auth.login.**ConfigFile.init(ConfigFile.**java:219) >> at com.sun.security.auth.login.**ConfigFile.<init>(ConfigFile.**java:108) >> ... 38 more >> >> I'm not understanding the Configuration Error. What is it expecting that >> I'm not giving it? Any help would be appreciated. >> >> Thanks, >> Chris >> >>
