I'm trying to implement LDAP based authentication and authorization in ActiveMQ.
The LDAP part is done with ApacheDS 2.0. I created the users (e.g. uid=user2,ou=users,o=X) as inetOrgPerson with a SHA userPassword. The ou=system looks like this: LDAP.png <http://activemq.2283324.n4.nabble.com/file/t379096/LDAP.png> The shiro.ini contains: ldapRealm = org.apache.shiro.realm.ldap.JndiLdapRealm ldapRealm.userDnTemplate = uid={0},ou=users,o=X ldapRealm.contextFactory.url = ldap://localhost:10389 securityManager.realms = $ldapRealm The authentication is working from Java: Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro.ini"); SecurityManager securityManager = factory.getInstance(); AuthenticationToken authenticationToken = new UsernamePasswordToken("user2", "password123"); AuthenticationInfo authenticationInfo = securityManager.authenticate(authenticationToken); System.out.println("authenticationInfo: " + authenticationInfo); //authenticationInfo: user2 However, when connecting to the MoM-Broker and trying to send a Message I get the following Exception: SecurityException: Subject [user2] is not authorized to create destination: topic://ActiveMQ.Advisory.Connection How can I grant this user to create the destination topic? For reference, I tried to get an answer here <https://stackoverflow.com/q/50703245/12860> first. -- Sent from: http://activemq.2283324.n4.nabble.com/ActiveMQ-User-f2341805.html
