The easiest way to secure the broker is through the use of authentication credentials placed directly in the broker’s XML configuration file. Such functionality is provided by the simple authentication plug-in that’s part of ActiveMQ. The following listing provides an example of using this plug-in.

<plugins>

    <simpleAuthenticationPlugin>

        <users>

            <authenticationUser username="admin" password="admin" groups="admins,producers,consumers"/>

            <authenticationUser username="producer" password="producer" groups="producers,consumers"/>

            <authenticationUser username="consumer" password="consumer" groups="consumers"/>

            <authenticationUser username="guest" password="guest" groups="guests"/>

        </users>

    </simpleAuthenticationPlugin>

</plugins>

By using this simple configuration snippet, four users can now access ActiveMQ. Obviously, for authentication purposes, each user must have a username and a password. Additionally, the groups attribute provides a comma-separated list of groups to which the user belongs. This information is used for authorization purposes, as will be seen shortly.

The preceding exception is expected because a security plug-in is activated but the authentication credentials haven’t yet been defined in the producer client. To fix this exception, modify the producer to add a username and password. The following snippet provides an example of this:

private String username = "producer";

private String password = "producer";

public Producer() throws JMSException {

    factory = new ActiveMQConnectionFactory(brokerURL);

    connection = factory.createConnection(username, password);

    connection.start();

    session = connection.createSession(false, Session.AUTO_ACKNOWLEDGE);

    producer = session.createProducer(null);

}

As the preceding snippet shows, the only necessary change is to define a username and a password that are then used as parameters to the call to the createConnection()  method.

Unfortunately, with the simple authentication plug-in, passwords are stored (and transferred) as clear text, which impacts the security of the broker. But even plain-text passwords prevent unauthorized clients from interacting with the broker, and in some
environments this is all that’s needed. Additionally, you can consider using the simple authentication plug-in in combination with the SSL transport, which will at least solve the problem of sending plain passwords over the network.

ActiveMQ(5.10.0) - Configuring the Simple Authentication Plug-in的更多相关文章

  1. ActiveMQ(5.10.0) - Configuring the JAAS Authentication Plug-in

    JAAS provides pluggable authentication, which means ActiveMQ will use the same authentication API re ...

  2. ActiveMQ(5.10.0) - Destination-level authorization

    To build upon authentication, consider a use case requiring more fine-grained control over clients t ...

  3. ActiveMQ 5.10.0 安装与配置

    先在官网下载activeMQ,我这里是5.10.0. 然后在解压在一个文件夹下即可. 我这里是:D:\apache-activemq-5.10.0-bin 然后进入bin目录:D:\apache-ac ...

  4. ActiveMQ(5.10.0) - Building a custom security plug-in

    If none of any built-in security mechanisms works for you, you can always build your own. Though the ...

  5. ActiveMQ(5.10.0) - Spring Support

    Maven Dependency: <dependencies> <dependency> <groupId>org.apache.activemq</gro ...

  6. ActiveMQ(5.10.0) - 删除闲置的队列或主题

    方法一 通过 ActiveMQ Web 控制台删除. 方法二 通过 Java 代码删除. ActiveMQConnection.destroyDestination(ActiveMQDestinati ...

  7. ActiveMQ(5.10.0) - Connection Configuration URI

    An Apache ActiveMQ connection can be configured by explicitly setting properties on the ActiveMQConn ...

  8. ActiveMQ(5.10.0) - hello world

    Sending a JMS message public class MyMessageProducer { ... // 创建连接工厂实例 ConnectionFactory connFactory ...

  9. ActiveMQ(5.10.0) - 使用 JDBC 持久化消息

    1. 编辑 ACTIVEMQ_HOME/conf/activemq.xml. <beans> <broker brokerName="localhost" per ...

随机推荐

  1. OAuth 2.0介绍学习

    OAuth2.0是OAuth协议的下一版本,但不向后兼容OAuth 1.0即完全废止了OAuth1.0. OAuth 2.0关注客户端开发者的简易性.要么通过组织在资源拥有者和HTTP服务商之间的被批 ...

  2. 新手一步一步OpenCV+Win7+Visual Studio 2013环境配置

    地点:湖南大学软件大楼211 时间:2013.12.19 昨天导师布置了个任务,要求是找出用相机拍出同一移动场景下的两张照片,计算机能根据其中的差异计算场景移动的距离和旋转角度.据说以前很牛逼的师兄完 ...

  3. Usage of readonly and const

    Many new learners can not make sure the usage scenarios of readonly and const keywords. In my opinio ...

  4. Line去年营收超5亿美元 远超竞争对手WhatsApp

    原文地址: http://news.cnblogs.com/n/206072/ 凭借着修改表情取悦国际用户的做法,日本移动消息应用 Line 在全球的用户总数已经超过 4 亿.Line.微信.What ...

  5. 【WinForm】C# 发送Email

    发送Email  的条件 1.SmtpClient SMTP 协议    即 Host 处理事务的主机或IP地址     //smtp.163.com      UseDefaultCredentia ...

  6. Codeforces Beta Round #51 D. Beautiful numbers 数位dp

    D. Beautiful numbers Time Limit: 20 Sec Memory Limit: 256 MB 题目连接 http://codeforces.com/contest/55/p ...

  7. android 用ListView实现表格样式

    原文:http://blog.csdn.net/centralperk/article/details/8016350 效果图: 源码下载地址:http://download.csdn.net/det ...

  8. [AngularJS] Using $anchorScroll

    If you're in a scenario where you want to disable the auto scrolling, but you want to control the sc ...

  9. 设计一个算法,输出从u到v的全部最短路径(採用邻接表存储)

    思想:用path数组存放路径(初始为空),d表示路径长度(初始为-1),查找从顶点u到v的最短路径过程如图所看到的: watermark/2/text/aHR0cDovL2Jsb2cuY3Nkbi5u ...

  10. Online DDL与pt-online-schema-change

    http://seanlook.com/2016/05/24/mysql-online-ddl-concept/ http://seanlook.com/2016/05/27/mysql-pt-onl ...