The easiest way to secure the broker is through the use of authentication credentials placed directly in the broker’s XML configuration file. Such functionality is provided by the simple authentication plug-in that’s part of ActiveMQ. The following listing provides an example of using this plug-in.

<plugins>

    <simpleAuthenticationPlugin>

        <users>

            <authenticationUser username="admin" password="admin" groups="admins,producers,consumers"/>

            <authenticationUser username="producer" password="producer" groups="producers,consumers"/>

            <authenticationUser username="consumer" password="consumer" groups="consumers"/>

            <authenticationUser username="guest" password="guest" groups="guests"/>

        </users>

    </simpleAuthenticationPlugin>

</plugins>

By using this simple configuration snippet, four users can now access ActiveMQ. Obviously, for authentication purposes, each user must have a username and a password. Additionally, the groups attribute provides a comma-separated list of groups to which the user belongs. This information is used for authorization purposes, as will be seen shortly.

The preceding exception is expected because a security plug-in is activated but the authentication credentials haven’t yet been defined in the producer client. To fix this exception, modify the producer to add a username and password. The following snippet provides an example of this:

private String username = "producer";

private String password = "producer";

public Producer() throws JMSException {

    factory = new ActiveMQConnectionFactory(brokerURL);

    connection = factory.createConnection(username, password);

    connection.start();

    session = connection.createSession(false, Session.AUTO_ACKNOWLEDGE);

    producer = session.createProducer(null);

}

As the preceding snippet shows, the only necessary change is to define a username and a password that are then used as parameters to the call to the createConnection()  method.

Unfortunately, with the simple authentication plug-in, passwords are stored (and transferred) as clear text, which impacts the security of the broker. But even plain-text passwords prevent unauthorized clients from interacting with the broker, and in some
environments this is all that’s needed. Additionally, you can consider using the simple authentication plug-in in combination with the SSL transport, which will at least solve the problem of sending plain passwords over the network.

ActiveMQ(5.10.0) - Configuring the Simple Authentication Plug-in的更多相关文章

  1. ActiveMQ(5.10.0) - Configuring the JAAS Authentication Plug-in

    JAAS provides pluggable authentication, which means ActiveMQ will use the same authentication API re ...

  2. ActiveMQ(5.10.0) - Destination-level authorization

    To build upon authentication, consider a use case requiring more fine-grained control over clients t ...

  3. ActiveMQ 5.10.0 安装与配置

    先在官网下载activeMQ,我这里是5.10.0. 然后在解压在一个文件夹下即可. 我这里是:D:\apache-activemq-5.10.0-bin 然后进入bin目录:D:\apache-ac ...

  4. ActiveMQ(5.10.0) - Building a custom security plug-in

    If none of any built-in security mechanisms works for you, you can always build your own. Though the ...

  5. ActiveMQ(5.10.0) - Spring Support

    Maven Dependency: <dependencies> <dependency> <groupId>org.apache.activemq</gro ...

  6. ActiveMQ(5.10.0) - 删除闲置的队列或主题

    方法一 通过 ActiveMQ Web 控制台删除. 方法二 通过 Java 代码删除. ActiveMQConnection.destroyDestination(ActiveMQDestinati ...

  7. ActiveMQ(5.10.0) - Connection Configuration URI

    An Apache ActiveMQ connection can be configured by explicitly setting properties on the ActiveMQConn ...

  8. ActiveMQ(5.10.0) - hello world

    Sending a JMS message public class MyMessageProducer { ... // 创建连接工厂实例 ConnectionFactory connFactory ...

  9. ActiveMQ(5.10.0) - 使用 JDBC 持久化消息

    1. 编辑 ACTIVEMQ_HOME/conf/activemq.xml. <beans> <broker brokerName="localhost" per ...

随机推荐

  1. FZU 2082 过路费 (树链剖分 修改单边权)

    题目链接:http://acm.fzu.edu.cn/problem.php?pid=2082 树链剖分模版题,求和,修改单边权. #include <iostream> #include ...

  2. 使用jdk操作 wsdl2java (wedservice)

    打开jdk下的bin目录 看下能否找到"wsimport.exe"这个文件 一般情况下都会有 如果没有则说明你的JDK不支持这个功能 然后在DOS窗口下输入wsimport 敲回车 ...

  3. 小谈chrome调试命令:console.log的使用

    相信从事前端开发的您,一定不会陌生Mozilla五星级推荐的一款插件:firebug,它是如此强大,乃至于我们可以很方便地调试DHTML的近乎所有元素.而在它深邃的机体里,还存有一个命令:consol ...

  4. POJ2142——The Balance

    刚学习的扩展欧几里得算法,刷个水题 求解  线性不定方程 和  模线性方程 求方程 ax+by=c 或 ax≡c (mod b) 的整数解 1.ax+by=gcd(a,b)的一个整数解: <sp ...

  5. 参数对象Struts2中Action的属性接收参数

    题记:写这篇博客要主是加深自己对参数对象的认识和总结实现算法时的一些验经和训教,如果有错误请指出,万分感谢. Action中三种传递并接受参数: 1.  在Action添加成员属性接受参数 例如请求的 ...

  6. Android学习笔记(3)

    今天我试着往应用里添加广告,结果adView一操作就闪退,换了很多种方法都不行. 最后解决过程有点坑爹,原来是还没setcontentview就开始adview了,哈哈 虽然我现在菜得不行,还没入门. ...

  7. 根据字符串创建FTP本地目录 并按照日期建立子目录返回路径

    /** * 根据字符串创建FTP本地目录 并按照日期建立子目录返回 * @param path * @return */ private String getFolder(String path) { ...

  8. 设计模式六大原则——合成/聚合复用原则(CARP)

    1.定义 简而言之,对于合成/聚合复用原则的定义就是:要尽量使用合成和聚合,尽量不要使用继承. 2.释义 为什么"要尽量使用合成和聚合.尽量不要使用继承"呢? 这是由于: 第一,继 ...

  9. 异常捕捉 ( try catch finally ) 你真的掌握了吗?

    前言:java 中的异常处理机制你真的理解了吗?掌握了吗?catch 体里遇到 return 是怎么处理? finally 体遇到 return 怎么办?finally 体里有 System.exit ...

  10. C#二维数组(矩形数组,交错数组)

    C# 支持一维数组.多维数组(矩形数组)和数组的数组(交错的数组) 1.多维数组 声明:string[,] names; 初始化:int[,] numbers = new int[3, 2] { {1 ...