You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@activemq.apache.org by ta...@apache.org on 2013/02/25 19:24:20 UTC
svn commit: r1449797 - in /activemq/trunk:
activemq-broker/src/main/java/org/apache/activemq/broker/
activemq-broker/src/main/java/org/apache/activemq/security/
activemq-unit-tests/src/test/java/org/apache/activemq/security/
activemq-unit-tests/src/tes...
Author: tabish
Date: Mon Feb 25 18:24:20 2013
New Revision: 1449797
URL: http://svn.apache.org/r1449797
Log:
fix for: https://issues.apache.org/jira/browse/AMQ-4319
Added:
activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/security/AbstractAuthenticationBroker.java (with props)
Modified:
activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/broker/TransportConnection.java
activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/security/JaasAuthenticationBroker.java
activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/security/JaasDualAuthenticationBroker.java
activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/security/SimpleAuthenticationBroker.java
activemq/trunk/activemq-unit-tests/src/test/java/org/apache/activemq/security/SimpleAuthenticationPluginTest.java
activemq/trunk/activemq-unit-tests/src/test/resources/org/apache/activemq/security/simple-anonymous-broker.xml
activemq/trunk/activemq-unit-tests/src/test/resources/org/apache/activemq/security/simple-auth-broker.xml
activemq/trunk/activemq-unit-tests/src/test/resources/org/apache/activemq/security/simple-auth-separator.xml
Modified: activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/broker/TransportConnection.java
URL: http://svn.apache.org/viewvc/activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/broker/TransportConnection.java?rev=1449797&r1=1449796&r2=1449797&view=diff
==============================================================================
--- activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/broker/TransportConnection.java (original)
+++ activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/broker/TransportConnection.java Mon Feb 25 18:24:20 2013
@@ -1552,7 +1552,8 @@ public class TransportConnection impleme
return connectionStateRegister.lookupConnectionState(id);
}
- protected synchronized TransportConnectionState lookupConnectionState(ConnectionId connectionId) {
+ // public only for testing
+ public synchronized TransportConnectionState lookupConnectionState(ConnectionId connectionId) {
return connectionStateRegister.lookupConnectionState(connectionId);
}
Added: activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/security/AbstractAuthenticationBroker.java
URL: http://svn.apache.org/viewvc/activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/security/AbstractAuthenticationBroker.java?rev=1449797&view=auto
==============================================================================
--- activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/security/AbstractAuthenticationBroker.java (added)
+++ activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/security/AbstractAuthenticationBroker.java Mon Feb 25 18:24:20 2013
@@ -0,0 +1,64 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.activemq.security;
+
+import java.util.concurrent.CopyOnWriteArrayList;
+
+import org.apache.activemq.broker.Broker;
+import org.apache.activemq.broker.BrokerFilter;
+import org.apache.activemq.broker.ConnectionContext;
+import org.apache.activemq.command.ActiveMQDestination;
+import org.apache.activemq.command.ConnectionInfo;
+
+public class AbstractAuthenticationBroker extends BrokerFilter {
+
+ protected final CopyOnWriteArrayList<SecurityContext> securityContexts =
+ new CopyOnWriteArrayList<SecurityContext>();
+
+ public AbstractAuthenticationBroker(Broker next) {
+ super(next);
+ }
+
+ @Override
+ public void removeDestination(ConnectionContext context, ActiveMQDestination destination, long timeout) throws Exception {
+ next.removeDestination(context, destination, timeout);
+
+ for (SecurityContext sc : securityContexts) {
+ sc.getAuthorizedReadDests().remove(destination);
+ sc.getAuthorizedWriteDests().remove(destination);
+ }
+ }
+
+ @Override
+ public void removeConnection(ConnectionContext context, ConnectionInfo info, Throwable error) throws Exception {
+ super.removeConnection(context, info, error);
+ if (securityContexts.remove(context.getSecurityContext())) {
+ context.setSecurityContext(null);
+ }
+ }
+
+ /**
+ * Previously logged in users may no longer have the same access anymore.
+ * Refresh all the logged into users.
+ */
+ public void refresh() {
+ for (SecurityContext sc : securityContexts) {
+ sc.getAuthorizedReadDests().clear();
+ sc.getAuthorizedWriteDests().clear();
+ }
+ }
+}
Propchange: activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/security/AbstractAuthenticationBroker.java
------------------------------------------------------------------------------
svn:eol-style = native
Modified: activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/security/JaasAuthenticationBroker.java
URL: http://svn.apache.org/viewvc/activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/security/JaasAuthenticationBroker.java?rev=1449797&r1=1449796&r2=1449797&view=diff
==============================================================================
--- activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/security/JaasAuthenticationBroker.java (original)
+++ activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/security/JaasAuthenticationBroker.java Mon Feb 25 18:24:20 2013
@@ -17,28 +17,24 @@
package org.apache.activemq.security;
import java.security.Principal;
-import java.util.Iterator;
import java.util.Set;
-import java.util.concurrent.CopyOnWriteArrayList;
import javax.security.auth.Subject;
import javax.security.auth.login.LoginContext;
import org.apache.activemq.broker.Broker;
-import org.apache.activemq.broker.BrokerFilter;
import org.apache.activemq.broker.ConnectionContext;
import org.apache.activemq.command.ConnectionInfo;
import org.apache.activemq.jaas.JassCredentialCallbackHandler;
/**
* Logs a user in using JAAS.
- *
- *
+ *
+ *
*/
-public class JaasAuthenticationBroker extends BrokerFilter {
+public class JaasAuthenticationBroker extends AbstractAuthenticationBroker {
private final String jassConfiguration;
- private final CopyOnWriteArrayList<SecurityContext> securityContexts = new CopyOnWriteArrayList<SecurityContext>();
public JaasAuthenticationBroker(Broker next, String jassConfiguration) {
super(next);
@@ -54,12 +50,13 @@ public class JaasAuthenticationBroker ex
this.subject = subject;
}
+ @Override
public Set<Principal> getPrincipals() {
return subject.getPrincipals();
}
-
}
+ @Override
public void addConnection(ConnectionContext context, ConnectionInfo info) throws Exception {
if (context.getSecurityContext() == null) {
@@ -89,24 +86,4 @@ public class JaasAuthenticationBroker ex
}
super.addConnection(context, info);
}
-
- public void removeConnection(ConnectionContext context, ConnectionInfo info, Throwable error)
- throws Exception {
- super.removeConnection(context, info, error);
- if (securityContexts.remove(context.getSecurityContext())) {
- context.setSecurityContext(null);
- }
- }
-
- /**
- * Previously logged in users may no longer have the same access anymore.
- * Refresh all the logged into users.
- */
- public void refresh() {
- for (Iterator<SecurityContext> iter = securityContexts.iterator(); iter.hasNext();) {
- SecurityContext sc = iter.next();
- sc.getAuthorizedReadDests().clear();
- sc.getAuthorizedWriteDests().clear();
- }
- }
}
Modified: activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/security/JaasDualAuthenticationBroker.java
URL: http://svn.apache.org/viewvc/activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/security/JaasDualAuthenticationBroker.java?rev=1449797&r1=1449796&r2=1449797&view=diff
==============================================================================
--- activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/security/JaasDualAuthenticationBroker.java (original)
+++ activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/security/JaasDualAuthenticationBroker.java Mon Feb 25 18:24:20 2013
@@ -23,6 +23,7 @@ import org.apache.activemq.broker.Connec
import org.apache.activemq.broker.Connector;
import org.apache.activemq.broker.EmptyBroker;
import org.apache.activemq.broker.TransportConnector;
+import org.apache.activemq.command.ActiveMQDestination;
import org.apache.activemq.command.ConnectionInfo;
import org.apache.activemq.transport.tcp.SslTransportServer;
@@ -83,6 +84,7 @@ public class JaasDualAuthenticationBroke
* @param info The ConnectionInfo Command representing the incoming
* connection.
*/
+ @Override
public void addConnection(ConnectionContext context, ConnectionInfo info) throws Exception {
if (context.getSecurityContext() == null) {
boolean isSSL;
@@ -106,6 +108,7 @@ public class JaasDualAuthenticationBroke
/**
* Overriding removeConnection to make sure the security context is cleaned.
*/
+ @Override
public void removeConnection(ConnectionContext context, ConnectionInfo info, Throwable error) throws Exception {
boolean isSSL;
Connector connector = context.getConnector();
@@ -122,4 +125,11 @@ public class JaasDualAuthenticationBroke
this.nonSslBroker.removeConnection(context, info, error);
}
}
+
+ @Override
+ public void removeDestination(ConnectionContext context, ActiveMQDestination destination, long timeout) throws Exception {
+ // Give both a chance to clear out their contexts
+ this.sslBroker.removeDestination(context, destination, timeout);
+ this.nonSslBroker.removeDestination(context, destination, timeout);
+ }
}
Modified: activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/security/SimpleAuthenticationBroker.java
URL: http://svn.apache.org/viewvc/activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/security/SimpleAuthenticationBroker.java?rev=1449797&r1=1449796&r2=1449797&view=diff
==============================================================================
--- activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/security/SimpleAuthenticationBroker.java (original)
+++ activemq/trunk/activemq-broker/src/main/java/org/apache/activemq/security/SimpleAuthenticationBroker.java Mon Feb 25 18:24:20 2013
@@ -18,30 +18,24 @@ package org.apache.activemq.security;
import java.security.Principal;
import java.util.HashSet;
-import java.util.Iterator;
import java.util.Map;
import java.util.Set;
-import java.util.concurrent.CopyOnWriteArrayList;
import org.apache.activemq.broker.Broker;
-import org.apache.activemq.broker.BrokerFilter;
import org.apache.activemq.broker.ConnectionContext;
import org.apache.activemq.command.ConnectionInfo;
import org.apache.activemq.jaas.GroupPrincipal;
/**
* Handles authenticating a users against a simple user name/password map.
- *
- *
*/
-public class SimpleAuthenticationBroker extends BrokerFilter {
+public class SimpleAuthenticationBroker extends AbstractAuthenticationBroker {
private boolean anonymousAccessAllowed = false;
private String anonymousUser;
private String anonymousGroup;
private final Map<String,String> userPasswords;
private final Map<String,Set<Principal>> userGroups;
- private final CopyOnWriteArrayList<SecurityContext> securityContexts = new CopyOnWriteArrayList<SecurityContext>();
public SimpleAuthenticationBroker(Broker next, Map<String,String> userPasswords, Map<String,Set<Principal>> userGroups) {
super(next);
@@ -61,6 +55,7 @@ public class SimpleAuthenticationBroker
this.anonymousGroup = anonymousGroup;
}
+ @Override
public void addConnection(ConnectionContext context, ConnectionInfo info) throws Exception {
SecurityContext s = context.getSecurityContext();
@@ -69,6 +64,7 @@ public class SimpleAuthenticationBroker
if (anonymousAccessAllowed && info.getUserName() == null && info.getPassword() == null) {
info.setUserName(anonymousUser);
s = new SecurityContext(info.getUserName()) {
+ @Override
public Set<Principal> getPrincipals() {
Set<Principal> groups = new HashSet<Principal>();
groups.add(new GroupPrincipal(anonymousGroup));
@@ -84,6 +80,7 @@ public class SimpleAuthenticationBroker
final Set<Principal> groups = userGroups.get(info.getUserName());
s = new SecurityContext(info.getUserName()) {
+ @Override
public Set<Principal> getPrincipals() {
return groups;
}
@@ -93,6 +90,7 @@ public class SimpleAuthenticationBroker
context.setSecurityContext(s);
securityContexts.add(s);
}
+
try {
super.addConnection(context, info);
} catch (Exception e) {
@@ -101,25 +99,4 @@ public class SimpleAuthenticationBroker
throw e;
}
}
-
- public void removeConnection(ConnectionContext context, ConnectionInfo info, Throwable error)
- throws Exception {
- super.removeConnection(context, info, error);
- if (securityContexts.remove(context.getSecurityContext())) {
- context.setSecurityContext(null);
- }
- }
-
- /**
- * Previously logged in users may no longer have the same access anymore.
- * Refresh all the logged into users.
- */
- public void refresh() {
- for (Iterator<SecurityContext> iter = securityContexts.iterator(); iter.hasNext();) {
- SecurityContext sc = iter.next();
- sc.getAuthorizedReadDests().clear();
- sc.getAuthorizedWriteDests().clear();
- }
- }
-
}
Modified: activemq/trunk/activemq-unit-tests/src/test/java/org/apache/activemq/security/SimpleAuthenticationPluginTest.java
URL: http://svn.apache.org/viewvc/activemq/trunk/activemq-unit-tests/src/test/java/org/apache/activemq/security/SimpleAuthenticationPluginTest.java?rev=1449797&r1=1449796&r2=1449797&view=diff
==============================================================================
--- activemq/trunk/activemq-unit-tests/src/test/java/org/apache/activemq/security/SimpleAuthenticationPluginTest.java (original)
+++ activemq/trunk/activemq-unit-tests/src/test/java/org/apache/activemq/security/SimpleAuthenticationPluginTest.java Mon Feb 25 18:24:20 2013
@@ -21,18 +21,24 @@ import java.net.URI;
import javax.jms.Connection;
import javax.jms.JMSException;
import javax.jms.Message;
+import javax.jms.MessageProducer;
import javax.jms.Session;
import javax.jms.TemporaryTopic;
import javax.management.ObjectName;
import junit.framework.Test;
+import org.apache.activemq.ActiveMQConnection;
+import org.apache.activemq.ActiveMQConnectionFactory;
import org.apache.activemq.CombinationTestSupport;
import org.apache.activemq.broker.BrokerFactory;
import org.apache.activemq.broker.BrokerService;
+import org.apache.activemq.broker.TransportConnection;
+import org.apache.activemq.broker.TransportConnectionState;
import org.apache.activemq.broker.jmx.TopicViewMBean;
import org.apache.activemq.command.ActiveMQMessage;
import org.apache.activemq.command.ActiveMQQueue;
+import org.apache.activemq.util.Wait;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -54,6 +60,7 @@ public class SimpleAuthenticationPluginT
junit.textui.TestRunner.run(suite());
}
+ @Override
protected BrokerService createBroker() throws Exception {
return createBroker("org/apache/activemq/security/simple-auth-broker.xml");
}
@@ -97,4 +104,32 @@ public class SimpleAuthenticationPluginT
} catch (Exception ignore) {}
}
+ public void testSecurityContextClearedOnPurge() throws Exception {
+
+ connection.close();
+ ActiveMQConnectionFactory tcpFactory = new ActiveMQConnectionFactory(broker.getTransportConnectors().get(0).getPublishableConnectString());
+ ActiveMQConnection conn = (ActiveMQConnection) tcpFactory.createConnection("user", "password");
+ Session sess = conn.createSession(false, Session.AUTO_ACKNOWLEDGE);
+ conn.start();
+
+ final int numDests = broker.getRegionBroker().getDestinations().length;
+ for (int i=0; i<10; i++) {
+ MessageProducer p = sess.createProducer(new ActiveMQQueue("USERS.PURGE." + i));
+ p.close();
+ }
+
+ assertTrue("dests are purged", Wait.waitFor(new Wait.Condition() {
+ @Override
+ public boolean isSatisified() throws Exception {
+ LOG.info("dests, orig: " + numDests + ", now: "+ broker.getRegionBroker().getDestinations().length);
+ return (numDests + 1) == broker.getRegionBroker().getDestinations().length;
+ }
+ }));
+
+ // verify removed from connection security context
+ TransportConnection brokerConnection = broker.getTransportConnectors().get(0).getConnections().get(0);
+ TransportConnectionState transportConnectionState = brokerConnection.lookupConnectionState(conn.getConnectionInfo().getConnectionId());
+ assertEquals("no destinations", 0, transportConnectionState.getContext().getSecurityContext().getAuthorizedWriteDests().size());
+ }
+
}
Modified: activemq/trunk/activemq-unit-tests/src/test/resources/org/apache/activemq/security/simple-anonymous-broker.xml
URL: http://svn.apache.org/viewvc/activemq/trunk/activemq-unit-tests/src/test/resources/org/apache/activemq/security/simple-anonymous-broker.xml?rev=1449797&r1=1449796&r2=1449797&view=diff
==============================================================================
--- activemq/trunk/activemq-unit-tests/src/test/resources/org/apache/activemq/security/simple-anonymous-broker.xml (original)
+++ activemq/trunk/activemq-unit-tests/src/test/resources/org/apache/activemq/security/simple-anonymous-broker.xml Mon Feb 25 18:24:20 2013
@@ -6,9 +6,9 @@
The ASF licenses this file to You under the Apache License, Version 2.0
(the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at
-
+
http://www.apache.org/licenses/LICENSE-2.0
-
+
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -27,17 +27,29 @@
<bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
- <broker useJmx="true" persistent="false" xmlns="http://activemq.apache.org/schema/core" populateJMSXUserID="true">
+ <broker useJmx="true" persistent="false" xmlns="http://activemq.apache.org/schema/core" populateJMSXUserID="true" schedulePeriodForDestinationPurge="2000">
<destinations>
- <queue physicalName="TEST.Q" />
- </destinations>
+ <queue physicalName="TEST.Q" />
+ </destinations>
<!-- Use a non-default port in case the default port is in use -->
<managementContext>
<managementContext connectorPort="1199"/>
</managementContext>
+ <destinationPolicy>
+ <policyMap>
+ <policyEntries>
+ <policyEntry queue="USERS.PURGE.>" gcInactiveDestinations="true" inactiveTimoutBeforeGC="500" />
+ </policyEntries>
+ </policyMap>
+ </destinationPolicy>
+
+ <transportConnectors>
+ <transportConnector uri="tcp://0.0.0.0:0" />
+ </transportConnectors>
+
<plugins>
<simpleAuthenticationPlugin anonymousAccessAllowed="true">
<users>
@@ -58,18 +70,18 @@
<authorizationEntry queue=">" read="admins" write="admins" admin="admins" />
<authorizationEntry queue="USERS.>" read="users" write="users" admin="users" />
<authorizationEntry queue="GUEST.>" read="guests,anonymous" write="guests,users,anonymous" admin="guests,users,anonymous" />
-
+
<authorizationEntry queue="TEST.Q" read="guests" write="guests" />
-
+
<authorizationEntry topic=">" read="admins" write="admins" admin="admins" />
<authorizationEntry topic="USERS.>" read="users" write="users" admin="users" />
<authorizationEntry topic="GUEST.>" read="guests,anonymous" write="guests,users,anonymous" admin="guests,users,anonymous" />
-
+
<authorizationEntry topic="ActiveMQ.Advisory.>" read="guests,users,anonymous" write="guests,users,anonymous" admin="guests,users,anonymous"/>
</authorizationEntries>
- <tempDestinationAuthorizationEntry>
- <tempDestinationAuthorizationEntry read="admin" write="admin" admin="admin"/>
- </tempDestinationAuthorizationEntry>
+ <tempDestinationAuthorizationEntry>
+ <tempDestinationAuthorizationEntry read="admin" write="admin" admin="admin"/>
+ </tempDestinationAuthorizationEntry>
</authorizationMap>
</map>
</authorizationPlugin>
Modified: activemq/trunk/activemq-unit-tests/src/test/resources/org/apache/activemq/security/simple-auth-broker.xml
URL: http://svn.apache.org/viewvc/activemq/trunk/activemq-unit-tests/src/test/resources/org/apache/activemq/security/simple-auth-broker.xml?rev=1449797&r1=1449796&r2=1449797&view=diff
==============================================================================
--- activemq/trunk/activemq-unit-tests/src/test/resources/org/apache/activemq/security/simple-auth-broker.xml (original)
+++ activemq/trunk/activemq-unit-tests/src/test/resources/org/apache/activemq/security/simple-auth-broker.xml Mon Feb 25 18:24:20 2013
@@ -35,7 +35,7 @@
<property name="location" value="classpath:credentials.properties"/>
</bean>
- <broker useJmx="true" persistent="false" xmlns="http://activemq.apache.org/schema/core" populateJMSXUserID="true">
+ <broker useJmx="true" persistent="false" xmlns="http://activemq.apache.org/schema/core" populateJMSXUserID="true" schedulePeriodForDestinationPurge="2000">
<destinations>
<queue physicalName="TEST.Q" />
@@ -46,6 +46,18 @@
<managementContext connectorPort="1199"/>
</managementContext>
+ <destinationPolicy>
+ <policyMap>
+ <policyEntries>
+ <policyEntry queue="USERS.PURGE.>" gcInactiveDestinations="true" inactiveTimoutBeforeGC="500" />
+ </policyEntries>
+ </policyMap>
+ </destinationPolicy>
+
+ <transportConnectors>
+ <transportConnector uri="tcp://0.0.0.0:0" />
+ </transportConnectors>
+
<plugins>
<simpleAuthenticationPlugin>
<users>
Modified: activemq/trunk/activemq-unit-tests/src/test/resources/org/apache/activemq/security/simple-auth-separator.xml
URL: http://svn.apache.org/viewvc/activemq/trunk/activemq-unit-tests/src/test/resources/org/apache/activemq/security/simple-auth-separator.xml?rev=1449797&r1=1449796&r2=1449797&view=diff
==============================================================================
--- activemq/trunk/activemq-unit-tests/src/test/resources/org/apache/activemq/security/simple-auth-separator.xml (original)
+++ activemq/trunk/activemq-unit-tests/src/test/resources/org/apache/activemq/security/simple-auth-separator.xml Mon Feb 25 18:24:20 2013
@@ -35,7 +35,7 @@
<property name="location" value="classpath:credentials.properties"/>
</bean>
- <broker useJmx="true" persistent="false" xmlns="http://activemq.apache.org/schema/core" populateJMSXUserID="true">
+ <broker useJmx="true" persistent="false" xmlns="http://activemq.apache.org/schema/core" populateJMSXUserID="true" schedulePeriodForDestinationPurge="2000">
<destinations>
<queue physicalName="TEST.Q" />
@@ -46,16 +46,28 @@
<managementContext connectorPort="1199"/>
</managementContext>
+ <destinationPolicy>
+ <policyMap>
+ <policyEntries>
+ <policyEntry queue="USERS.PURGE.>" gcInactiveDestinations="true" inactiveTimoutBeforeGC="500" />
+ </policyEntries>
+ </policyMap>
+ </destinationPolicy>
+
+ <transportConnectors>
+ <transportConnector uri="tcp://0.0.0.0:0" />
+ </transportConnectors>
+
<plugins>
- <simpleAuthenticationPlugin>
- <users>
- <authenticationUser username="system" password="${activemq.password}"
- groups="users,admins"/>
- <authenticationUser username="user" password="${guest.password}"
- groups="users"/>
- <authenticationUser username="guest" password="${guest.password}" groups="guests"/>
- </users>
- </simpleAuthenticationPlugin>
+ <simpleAuthenticationPlugin>
+ <users>
+ <authenticationUser username="system" password="${activemq.password}"
+ groups="users,admins"/>
+ <authenticationUser username="user" password="${guest.password}"
+ groups="users"/>
+ <authenticationUser username="guest" password="${guest.password}" groups="guests"/>
+ </users>
+ </simpleAuthenticationPlugin>
<!-- lets configure a destination based authorization mechanism -->