You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@activemq.apache.org by Vandy <va...@gmail.com> on 2013/03/02 01:47:11 UTC
secure a queue in Activemq
Hi
I am using ActiveMQ 5.8.0
I have configured a queue and want to secure the publishers that are sending
messages to queue and consumers who can get messages from queue.
I did following setting in my activemq.xml
<plugins>
<simpleAuthenticationPlugin>
<users>
<authenticationUser username="system"
password="liverpoolProd"
groups="users,admins"/>
<authenticationUser
username="clickloggerPublisher" password="cambridgeProd"
groups="clickloggerPublisherGrp,users"/>
<authenticationUser username="clickloggerConsumer"
password="londonProd"
groups="clickloggerConsumerGrp,users"/>
</users>
</simpleAuthenticationPlugin>
<authorizationPlugin>
<map>
<authorizationMap>
<authorizationEntries>
<authorizationEntry queue=">" read="admins"
write="admins" admin="admins" />
<authorizationEntry queue="QUEUE.ClickloggerQ"
read="clickloggerConsumerGrp"
write="clickloggerPublisherGrp" admin="admin"/>
<authorizationEntry topic=">" read="admins"
write="admins" admin="admins" />
<authorizationEntry queue="ActiveMQ.DLQ" read="users,
clickloggerDeadLetterQueueSub" write="users, clickloggerDeadLetterQueueSub"
admin="users,admin"/>
</authorizationEntries>
<tempDestinationAuthorizationEntry>
<tempDestinationAuthorizationEntry
read="tempDestinationAdmins" write="tempDestinationAdmins"
admin="tempDestinationAdmins"/>
</tempDestinationAuthorizationEntry>
</authorizationMap>
</map>
</authorizationPlugin>
</plugins>
I am not sure where to provide the username password in my spring
application for securing access to queue.
Please guide me.
Thanks
--
View this message in context: http://activemq.2283324.n4.nabble.com/secure-a-queue-in-Activemq-tp4664312.html
Sent from the ActiveMQ - User mailing list archive at Nabble.com.
Re: secure a queue in Activemq
Posted by Vandy <va...@gmail.com>.
Hi
Can you please share some sample spring file sowing authentication
username/password used with DefaultMessageListenerContainer.
Thanks!
--
View this message in context: http://activemq.2283324.n4.nabble.com/secure-a-queue-in-Activemq-tp4664312p4664446.html
Sent from the ActiveMQ - User mailing list archive at Nabble.com.
Re: secure a queue in Activemq
Posted by Christian Posta <ch...@gmail.com>.
So even with DMLC you have to set/inject a connection factory.
On Tue, Mar 5, 2013 at 12:43 PM, Vandy <va...@gmail.com> wrote:
> Hi
>
> Thanks for the response.
>
> In authorization map , I have used one group which can read from the queue
> and anorther group which can write to queue.
> I am able to configure the username/password for writing to queue using
> UserCredentialsConnectionFactoryAdapter with jmstemplate.
>
> I am not able to figure out how to provide username /password for reading
> from queue.I am using DefaultMessageListenerContainer and message Listener
> in spring config file for reading the queue.
> Please suggest.
> Thanks
>
>
>
> --
> View this message in context:
> http://activemq.2283324.n4.nabble.com/secure-a-queue-in-Activemq-tp4664312p4664402.html
> Sent from the ActiveMQ - User mailing list archive at Nabble.com.
>
--
*Christian Posta*
http://www.christianposta.com/blog
twitter: @christianposta
Re: secure a queue in Activemq
Posted by Vandy <va...@gmail.com>.
Hi
Thanks for the response.
In authorization map , I have used one group which can read from the queue
and anorther group which can write to queue.
I am able to configure the username/password for writing to queue using
UserCredentialsConnectionFactoryAdapter with jmstemplate.
I am not able to figure out how to provide username /password for reading
from queue.I am using DefaultMessageListenerContainer and message Listener
in spring config file for reading the queue.
Please suggest.
Thanks
--
View this message in context: http://activemq.2283324.n4.nabble.com/secure-a-queue-in-Activemq-tp4664312p4664402.html
Sent from the ActiveMQ - User mailing list archive at Nabble.com.
Re: secure a queue in Activemq
Posted by Christian Posta <ch...@gmail.com>.
You'll want to set the un/pw on the connection factory. If you're using
spring, it's a property of the connection-factory bean
On Fri, Mar 1, 2013 at 5:47 PM, Vandy <va...@gmail.com> wrote:
> Hi
> I am using ActiveMQ 5.8.0
> I have configured a queue and want to secure the publishers that are
> sending
> messages to queue and consumers who can get messages from queue.
>
> I did following setting in my activemq.xml
>
> <plugins>
> <simpleAuthenticationPlugin>
> <users>
> <authenticationUser username="system"
> password="liverpoolProd"
> groups="users,admins"/>
> <authenticationUser
> username="clickloggerPublisher" password="cambridgeProd"
>
> groups="clickloggerPublisherGrp,users"/>
> <authenticationUser
> username="clickloggerConsumer"
> password="londonProd"
>
> groups="clickloggerConsumerGrp,users"/>
>
>
> </users>
> </simpleAuthenticationPlugin>
>
>
>
> <authorizationPlugin>
> <map>
> <authorizationMap>
> <authorizationEntries>
> <authorizationEntry queue=">" read="admins"
> write="admins" admin="admins" />
>
> <authorizationEntry queue="QUEUE.ClickloggerQ"
>
> read="clickloggerConsumerGrp"
> write="clickloggerPublisherGrp" admin="admin"/>
>
> <authorizationEntry topic=">" read="admins"
> write="admins" admin="admins" />
>
> <authorizationEntry queue="ActiveMQ.DLQ"
> read="users,
> clickloggerDeadLetterQueueSub" write="users, clickloggerDeadLetterQueueSub"
> admin="users,admin"/>
> </authorizationEntries>
>
>
> <tempDestinationAuthorizationEntry>
> <tempDestinationAuthorizationEntry
> read="tempDestinationAdmins" write="tempDestinationAdmins"
> admin="tempDestinationAdmins"/>
> </tempDestinationAuthorizationEntry>
> </authorizationMap>
> </map>
> </authorizationPlugin>
> </plugins>
>
> I am not sure where to provide the username password in my spring
> application for securing access to queue.
>
> Please guide me.
> Thanks
>
>
>
> --
> View this message in context:
> http://activemq.2283324.n4.nabble.com/secure-a-queue-in-Activemq-tp4664312.html
> Sent from the ActiveMQ - User mailing list archive at Nabble.com.
>
--
*Christian Posta*
http://www.christianposta.com/blog
twitter: @christianposta