Hi,
There is an tutorial for configuring ActiveMQ to authenticate against an LDAP server in the ActiveMQ Security Guide from FuseSource. http://fusesource.com/docs/broker/5.5/security/front.html See chapter 6 "LDAP tutorial" for a step-by-step guide. Further, my blog contains two posts that extend this tutorial with the following topics - Securing the broker using LDAP based authentication but also allowing anonymous connections with restricted permissions http://tmielke.blogspot.com/2011/12/activemq-ldap-based-authentication-and.html - Securing the ActiveMQ web console to do LDAP based authentication http://tmielke.blogspot.com/2011/12/securing-activemq-web-console-using.html Hope this will be helpful. Torsten Mielke [email protected] [email protected] On Feb 1, 2012, at 10:03 PM, Matt Pavlovich wrote: > Glad to hear :-) > > On 2/1/12 3:00 PM, Chris Robison wrote: >> Sweet! Now I'm getting an LDAP error, which is progress. >> >> On Wed, Feb 1, 2012 at 1:56 PM, Matt Pavlovich<[email protected]> wrote: >> >>> Ah, start w/ line 0.. that puts it at connectionPassword. Try adding " " >>> around "Password!". The exclamation point may be throwing it off. >>> >>> >>> On 2/1/12 2:47 PM, Chris Robison wrote: >>> >>>> The error says line 6 which in my login.config is connectionUsername. >>>> >>>> Chris >>>> >>>> On Wed, Feb 1, 2012 at 1:42 PM, Chris >>>> Robison<chrisdrobison@gmail.**com<[email protected]> >>>>> wrote: >>>> When I run it, I still get the error. >>>>> >>>>> On Wed, Feb 1, 2012 at 1:32 PM, Matt Pavlovich<[email protected]> >>>>> wrote: >>>>> >>>>> Chris- >>>>>> I whipped up a quick unit test, and this passed. I set the >>>>>> connectionProtocol=s, w/o quotes. >>>>>> >>>>>> >>>>>> ldap-login { >>>>>> org.apache.activemq.jaas.****LDAPLoginModule required >>>>>> debug=true >>>>>> initialContextFactory=com.sun.****jndi.ldap.LdapCtxFactory >>>>>> connectionURL="ldap://dc101.****cdr.corp"; >>>>>> >>>>>> connectionUsername="CN=AMQ Service User,CN=Users,DC=cdr,DC=corp" >>>>>> connectionPassword=Password! >>>>>> connectionProtocol=s >>>>>> >>>>>> authentication=simple >>>>>> userBase="OU=Users,OU=****ActiveMQ,DC=cdr,DC=corp" >>>>>> userSearchMatching="(****samaccountname={0})" >>>>>> userSearchSubtree=false >>>>>> roleBase="OU=Groups,OU=****ActiveMQ,DC=cdr,DC=corp" >>>>>> roleName=cn >>>>>> roleSearchMatching="(member={****0})" >>>>>> >>>>>> roleSearchSubtree=false >>>>>> ; >>>>>> }; >>>>>> >>>>>> >>>>>> On 2/1/12 2:24 PM, Chris Robison wrote: >>>>>> >>>>>> I can do that. I'll let you know. >>>>>>> On Wed, Feb 1, 2012 at 1:19 PM, Matt Pavlovich<[email protected]> >>>>>>> wrote: >>>>>>> >>>>>>> How comfortable are you with Java? The next step to try would be to >>>>>>> >>>>>>>> write >>>>>>>> up a quick Java unit test that has the ConfigFile class try to >>>>>>>> intialize >>>>>>>> against your login.config file. >>>>>>>> >>>>>>>> See: >>>>>>>> >>>>>>>> com.sun.security.auth.login.******ConfigFile >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> On 2/1/12 1:59 PM, Chris Robison wrote: >>>>>>>> >>>>>>>> Yeah, it's the exact same exception. >>>>>>>> >>>>>>>>> On Wed, Feb 1, 2012 at 12:55 PM, Matt Pavlovich<[email protected]> >>>>>>>>> wrote: >>>>>>>>> >>>>>>>>> Are you getting the exact same exception? Your original exception >>>>>>>>> cause >>>>>>>>> >>>>>>>>> shows a null value for a key in that config: >>>>>>>>>> >>>>>>>>>> Caused by: java.io.IOException: Configuration Error: >>>>>>>>>> Line 6: expected [option key], found [null] >>>>>>>>>> at com.sun.security.auth.login.**********ConfigFile.match(** >>>>>>>>>> ConfigFile.****** >>>>>>>>>> java:577) >>>>>>>>>> at >>>>>>>>>> com.sun.security.auth.login.**********ConfigFile.** >>>>>>>>>> parseLoginEntry(******ry(** >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>>
