You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@activemq.apache.org by "Gerdes, Mike" <Mi...@airbus.com> on 2006/03/16 10:46:43 UTC
Network of brokers, discoveryuri and jaas
hi,
after some trying I managed to get AMQ4 working with JAAS and a broker network. In the activemq.xml file I didn't used the discoveryUri. Then I wanted to try it and got an error. So what happend? What does the discoveryUri do and how can I get it to work with JAAS?
Here is a snipped part of my activemq.xml file:
<plugins>
<jaasAuthenticationPlugin configuration="activemq-domain" />
<authorizationPlugin>
<map>
<authorizationMap>
<authorizationEntries>
<authorizationEntry queue=">" read="admins" write="admins" admin="admins" />
<authorizationEntry topic=">" read="admins" write="admins" admin="admins" />
</authorizationEntries>
</authorizationMap>
</map>
</authorizationPlugin>
</plugins>
<transportConnectors>
<transportConnector uri="tcp://localhost:61617" discoveryUri="multicast://default"/>
</transportConnectors>
<networkConnectors>
<networkConnector uri="multicast://default"/>
</networkConnectors>
And here one the strange errors I get:
tcp:///127.0.0.1:1878
org.apache.activemq.broker.AbstractConnection.processRemoveConnection(AbstractCo
nnection.java:528)Failed to remove connection ConnectionInfo {commandId = 2, res
ponseRequired = false, connectionId = ID:D0208611-1872-1142502133151-3:0, client
Id = NC_Writer_outboundWriter, userName = null, password = null, brokerPath = nu
ll}
The strange thing is that I get these security errors only when I use discoveryUri and not when I don't use it. This error is because AMQ wants a password and doesn't get it. Even if the application should deliver it, because it can use AMQ in a cluster, when discoveryUri is not set.
cya
mike
This mail has originated outside your organization, either from an external partner or the Global Internet. Keep this in mind if you answer this message.
Re: Network of brokers, discoveryuri and jaas
Posted by James Strachan <ja...@gmail.com>.
BTW this is also similar to this issue in JIRA...
http://jira.activemq.org/jira/browse/AMQ-636
I think enabling loopBackMode by default could well fix these problems.
James
On 3/16/06, James Strachan <ja...@gmail.com> wrote:
>
> I think this is the multicast discovery causing complications. Multicast
> discovery is used in this case, with the <networkConnector> to auto-discover
> brokers and connect them together. Steve recently hit this one too...
>
> http://mail-archives.apache.org/mod_mbox/geronimo-activemq-users/200603.mbox/%3c24970.194.203.201.92.1142429132.squirrel@mail.formicary.net%3e
>
>
> the problems is caused by the multicast-discovery connecting a broker to
> itself causing problems. If you don't need/want multicast discovery you
> could just disable it. Another alternative is to enable loop back mode as
> follows to disable mutlicat-sending messages to itself...
>
> <networkConnector uri="multicast://default?loopBackMode=true"/>
>
>
>
>
> On 3/16/06, Gerdes, Mike < Mike.Gerdes@airbus.com > wrote:
> >
> >
> > hi,
> >
> > after some trying I managed to get AMQ4 working with JAAS and a broker
> > network. In the activemq.xml file I didn't used the discoveryUri. Then I
> > wanted to try it and got an error. So what happend? What does the
> > discoveryUri do and how can I get it to work with JAAS?
> > Here is a snipped part of my activemq.xml file:
> >
> > <plugins>
> > <jaasAuthenticationPlugin configuration="activemq-domain" />
> > <authorizationPlugin>
> > <map>
> > <authorizationMap>
> > <authorizationEntries>
> > <authorizationEntry queue=">" read="admins" write="admins"
> > admin="admins" />
> > <authorizationEntry topic=">" read="admins" write="admins"
> > admin="admins" />
> > </authorizationEntries>
> > </authorizationMap>
> > </map>
> > </authorizationPlugin>
> > </plugins>
> >
> > <transportConnectors>
> > <transportConnector uri="tcp://localhost:61617"
> > discoveryUri="multicast://default"/>
> > </transportConnectors>
> >
> > <networkConnectors>
> > <networkConnector uri="multicast://default"/>
> > </networkConnectors>
> >
> > And here one the strange errors I get:
> >
> > tcp:///127.0.0.1:1878
> > org.apache.activemq.broker.AbstractConnection.processRemoveConnection(AbstractCo
> > nnection.java:528)Failed to remove connection ConnectionInfo {commandId
> > = 2, res
> > ponseRequired = false, connectionId =
> > ID:D0208611-1872-1142502133151-3:0, client
> > Id = NC_Writer_outboundWriter, userName = null, password = null,
> > brokerPath = nu
> > ll}
> >
> > The strange thing is that I get these security errors only when I use
> > discoveryUri and not when I don't use it. This error is because AMQ wants a
> > password and doesn't get it. Even if the application should deliver it,
> > because it can use AMQ in a cluster, when discoveryUri is not set.
> >
> > cya
> >
> > mike
> >
> > This mail has originated outside your organization, either from an
> > external partner or the Global Internet. Keep this in mind if you answer
> > this message.
> >
>
>
>
> --
>
> James
> -------
> http://radio.weblogs.com/0112098/
>
--
James
-------
http://radio.weblogs.com/0112098/
Re: Network of brokers, discoveryuri and jaas
Posted by James Strachan <ja...@gmail.com>.
I think this is the multicast discovery causing complications. Multicast
discovery is used in this case, with the <networkConnector> to auto-discover
brokers and connect them together. Steve recently hit this one too...
http://mail-archives.apache.org/mod_mbox/geronimo-activemq-users/200603.mbox/%3c24970.194.203.201.92.1142429132.squirrel@mail.formicary.net%3e
the problems is caused by the multicast-discovery connecting a broker to
itself causing problems. If you don't need/want multicast discovery you
could just disable it. Another alternative is to enable loop back mode as
follows to disable mutlicat-sending messages to itself...
<networkConnector uri="multicast://default?loopBackMode=true"/>
On 3/16/06, Gerdes, Mike <Mike.Gerdes@airbus.com > wrote:
>
>
> hi,
>
> after some trying I managed to get AMQ4 working with JAAS and a broker
> network. In the activemq.xml file I didn't used the discoveryUri. Then I
> wanted to try it and got an error. So what happend? What does the
> discoveryUri do and how can I get it to work with JAAS?
> Here is a snipped part of my activemq.xml file:
>
> <plugins>
> <jaasAuthenticationPlugin configuration="activemq-domain" />
> <authorizationPlugin>
> <map>
> <authorizationMap>
> <authorizationEntries>
> <authorizationEntry queue=">" read="admins" write="admins"
> admin="admins" />
> <authorizationEntry topic=">" read="admins" write="admins"
> admin="admins" />
> </authorizationEntries>
> </authorizationMap>
> </map>
> </authorizationPlugin>
> </plugins>
>
> <transportConnectors>
> <transportConnector uri="tcp://localhost:61617"
> discoveryUri="multicast://default"/>
> </transportConnectors>
>
> <networkConnectors>
> <networkConnector uri="multicast://default"/>
> </networkConnectors>
>
> And here one the strange errors I get:
>
> tcp:///127.0.0.1:1878
> org.apache.activemq.broker.AbstractConnection.processRemoveConnection(AbstractCo
> nnection.java:528)Failed to remove connection ConnectionInfo {commandId =
> 2, res
> ponseRequired = false, connectionId = ID:D0208611-1872-1142502133151-3:0,
> client
> Id = NC_Writer_outboundWriter, userName = null, password = null,
> brokerPath = nu
> ll}
>
> The strange thing is that I get these security errors only when I use
> discoveryUri and not when I don't use it. This error is because AMQ wants a
> password and doesn't get it. Even if the application should deliver it,
> because it can use AMQ in a cluster, when discoveryUri is not set.
>
> cya
>
> mike
>
> This mail has originated outside your organization, either from an
> external partner or the Global Internet. Keep this in mind if you answer
> this message.
>
--
James
-------
http://radio.weblogs.com/0112098/