You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@activemq.apache.org by John Fletcher <fl...@gmail.com> on 2011/07/05 11:28:07 UTC
Simplest possible broker-to-broker authentication
I'm trying to implement security and I want to start by just creating a
simple broker to broker authentication (ActiveMQ 5.5.0). Unfortunately when
I add the simpleAuthenticationPlugin to one broker, it throws WARN messages,
even when it is the only thing running (nothing trying to connect to it):
2011-07-05 11:18:10,346 | WARN | Failed to add Connection
ID:JOHN-PC-49383-13023852174556-0:825, reason: java.lang.SecurityException:
User name or password is invalid. |
org.apache.activemq.broker.TransportConnection | ActiveMQ Transport: tcp:///
127.0.0.1:51042
2011-07-05 11:18:15,348 | INFO | Transport failed: java.io.EOFException |
org.apache.activemq.broker.TransportConnection.Transport | ActiveMQ
Transport: tcp:///127.0.0.1:51042
I read that this could be because of other activemq components so I tried
to make the simplest config file possible, but the same problem persists:
<beans
xmlns="http://www.springframework.org/schema/beans"
xmlns:amq="http://activemq.apache.org/schema/core"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
http://activemq.apache.org/schema/core
http://activemq.apache.org/schema/core/activemq-core.xsd">
<broker xmlns="http://activemq.apache.org/schema/core"
brokerName="localhost" dataDirectory="${activemq.base}/data"
destroyApplicationContextOnStop="true">
<plugins>
<simpleAuthenticationPlugin>
<users>
<authenticationUser username="system" password="manager"
groups="users,admins"/>
</users>
</simpleAuthenticationPlugin>
</plugins>
<transportConnectors>
<transportConnector name="openwire" uri="tcp://0.0.0.0:61616"/>
</transportConnectors>
</broker>
</beans>
How can I get the simpleAuthenticationPlugin going?
John
Re: Simplest possible broker-to-broker authentication
Posted by John Fletcher <fl...@gmail.com>.
OK I JIRA'd it https://issues.apache.org/jira/browse/AMQ-3395
Regards,
John
2011/7/5 John Fletcher <fl...@gmail.com>
> 2011/7/5 Dejan Bosanac
>
> Do you have the other broker trying to connect to this one?
>
>
> No, that's the strange thing. I only have one broker running.
>
>
>> If so you need
>> to add username/password to the <networkConnector/>
>>
> I have tried that and it didn't work for me - no connection was established
> and I saw these log messages coming up. Then I realised that the log
> messages come up without me even starting the second broker! So the second
> broker is a separate issue.
>
> If I comment out <transportConnectors> the problem goes away. Am I doing
> something wrong there?
>
> What I think I need to establish as the absolute baseline is a version of
> activemq.conf that contains <simpleAuthenticationPlugin> and
> <transportConnector> and doesn't throw "failed to add Connection" messages.
> Does anyone have such an example going in 5.5.0?
>
> Regards,
> John
>
>
>>
>>
>> Regards
>> --
>> Dejan Bosanac - http://twitter.com/dejanb
>> -----------------
>> The experts in open source integration and messaging -
>> http://fusesource.com
>> ActiveMQ in Action - http://www.manning.com/snyder/
>> Blog - http://www.nighttale.net
>>
>>
>> On Tue, Jul 5, 2011 at 11:28 AM, John Fletcher <fl...@gmail.com>
>> wrote:
>>
>> > I'm trying to implement security and I want to start by just creating a
>> > simple broker to broker authentication (ActiveMQ 5.5.0). Unfortunately
>> when
>> > I add the simpleAuthenticationPlugin to one broker, it throws WARN
>> > messages,
>> > even when it is the only thing running (nothing trying to connect to
>> it):
>> >
>> > 2011-07-05 11:18:10,346 | WARN | Failed to add Connection
>> > ID:JOHN-PC-49383-13023852174556-0:825, reason:
>> java.lang.SecurityException:
>> > User name or password is invalid. |
>> > org.apache.activemq.broker.TransportConnection | ActiveMQ Transport:
>> > tcp:///
>> > 127.0.0.1:51042
>> > 2011-07-05 11:18:15,348 | INFO | Transport failed: java.io.EOFException
>> |
>> > org.apache.activemq.broker.TransportConnection.Transport | ActiveMQ
>> > Transport: tcp:///127.0.0.1:51042
>> >
>> > I read that this could be because of other activemq components so I
>> tried
>> > to make the simplest config file possible, but the same problem
>> persists:
>> >
>> > <beans
>> > xmlns="http://www.springframework.org/schema/beans"
>> > xmlns:amq="http://activemq.apache.org/schema/core"
>> > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
>> > xsi:schemaLocation="http://www.springframework.org/schema/beans
>> > http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
>> > http://activemq.apache.org/schema/core
>> > http://activemq.apache.org/schema/core/activemq-core.xsd">
>> > <broker xmlns="http://activemq.apache.org/schema/core"
>> > brokerName="localhost" dataDirectory="${activemq.base}/data"
>> > destroyApplicationContextOnStop="true">
>> > <plugins>
>> > <simpleAuthenticationPlugin>
>> > <users>
>> > <authenticationUser username="system" password="manager"
>> > groups="users,admins"/>
>> > </users>
>> > </simpleAuthenticationPlugin>
>> > </plugins>
>> >
>> > <transportConnectors>
>> > <transportConnector name="openwire" uri="tcp://0.0.0.0:61616
>> "/>
>> > </transportConnectors>
>> > </broker>
>> > </beans>
>> >
>> > How can I get the simpleAuthenticationPlugin going?
>> >
>> > John
>> >
>>
>
>
Re: Simplest possible broker-to-broker authentication
Posted by John Fletcher <fl...@gmail.com>.
2011/7/5 Dejan Bosanac
> Do you have the other broker trying to connect to this one?
No, that's the strange thing. I only have one broker running.
> If so you need
> to add username/password to the <networkConnector/>
>
I have tried that and it didn't work for me - no connection was established
and I saw these log messages coming up. Then I realised that the log
messages come up without me even starting the second broker! So the second
broker is a separate issue.
If I comment out <transportConnectors> the problem goes away. Am I doing
something wrong there?
What I think I need to establish as the absolute baseline is a version of
activemq.conf that contains <simpleAuthenticationPlugin> and
<transportConnector> and doesn't throw "failed to add Connection" messages.
Does anyone have such an example going in 5.5.0?
Regards,
John
>
>
> Regards
> --
> Dejan Bosanac - http://twitter.com/dejanb
> -----------------
> The experts in open source integration and messaging -
> http://fusesource.com
> ActiveMQ in Action - http://www.manning.com/snyder/
> Blog - http://www.nighttale.net
>
>
> On Tue, Jul 5, 2011 at 11:28 AM, John Fletcher <fl...@gmail.com>
> wrote:
>
> > I'm trying to implement security and I want to start by just creating a
> > simple broker to broker authentication (ActiveMQ 5.5.0). Unfortunately
> when
> > I add the simpleAuthenticationPlugin to one broker, it throws WARN
> > messages,
> > even when it is the only thing running (nothing trying to connect to it):
> >
> > 2011-07-05 11:18:10,346 | WARN | Failed to add Connection
> > ID:JOHN-PC-49383-13023852174556-0:825, reason:
> java.lang.SecurityException:
> > User name or password is invalid. |
> > org.apache.activemq.broker.TransportConnection | ActiveMQ Transport:
> > tcp:///
> > 127.0.0.1:51042
> > 2011-07-05 11:18:15,348 | INFO | Transport failed: java.io.EOFException
> |
> > org.apache.activemq.broker.TransportConnection.Transport | ActiveMQ
> > Transport: tcp:///127.0.0.1:51042
> >
> > I read that this could be because of other activemq components so I
> tried
> > to make the simplest config file possible, but the same problem persists:
> >
> > <beans
> > xmlns="http://www.springframework.org/schema/beans"
> > xmlns:amq="http://activemq.apache.org/schema/core"
> > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> > xsi:schemaLocation="http://www.springframework.org/schema/beans
> > http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
> > http://activemq.apache.org/schema/core
> > http://activemq.apache.org/schema/core/activemq-core.xsd">
> > <broker xmlns="http://activemq.apache.org/schema/core"
> > brokerName="localhost" dataDirectory="${activemq.base}/data"
> > destroyApplicationContextOnStop="true">
> > <plugins>
> > <simpleAuthenticationPlugin>
> > <users>
> > <authenticationUser username="system" password="manager"
> > groups="users,admins"/>
> > </users>
> > </simpleAuthenticationPlugin>
> > </plugins>
> >
> > <transportConnectors>
> > <transportConnector name="openwire" uri="tcp://0.0.0.0:61616
> "/>
> > </transportConnectors>
> > </broker>
> > </beans>
> >
> > How can I get the simpleAuthenticationPlugin going?
> >
> > John
> >
>
Re: Simplest possible broker-to-broker authentication
Posted by Dejan Bosanac <de...@nighttale.net>.
Do you have the other broker trying to connect to this one? If so you need
to add username/password to the <networkConnector/>
Regards
--
Dejan Bosanac - http://twitter.com/dejanb
-----------------
The experts in open source integration and messaging - http://fusesource.com
ActiveMQ in Action - http://www.manning.com/snyder/
Blog - http://www.nighttale.net
On Tue, Jul 5, 2011 at 11:28 AM, John Fletcher <fl...@gmail.com> wrote:
> I'm trying to implement security and I want to start by just creating a
> simple broker to broker authentication (ActiveMQ 5.5.0). Unfortunately when
> I add the simpleAuthenticationPlugin to one broker, it throws WARN
> messages,
> even when it is the only thing running (nothing trying to connect to it):
>
> 2011-07-05 11:18:10,346 | WARN | Failed to add Connection
> ID:JOHN-PC-49383-13023852174556-0:825, reason: java.lang.SecurityException:
> User name or password is invalid. |
> org.apache.activemq.broker.TransportConnection | ActiveMQ Transport:
> tcp:///
> 127.0.0.1:51042
> 2011-07-05 11:18:15,348 | INFO | Transport failed: java.io.EOFException |
> org.apache.activemq.broker.TransportConnection.Transport | ActiveMQ
> Transport: tcp:///127.0.0.1:51042
>
> I read that this could be because of other activemq components so I tried
> to make the simplest config file possible, but the same problem persists:
>
> <beans
> xmlns="http://www.springframework.org/schema/beans"
> xmlns:amq="http://activemq.apache.org/schema/core"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> xsi:schemaLocation="http://www.springframework.org/schema/beans
> http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
> http://activemq.apache.org/schema/core
> http://activemq.apache.org/schema/core/activemq-core.xsd">
> <broker xmlns="http://activemq.apache.org/schema/core"
> brokerName="localhost" dataDirectory="${activemq.base}/data"
> destroyApplicationContextOnStop="true">
> <plugins>
> <simpleAuthenticationPlugin>
> <users>
> <authenticationUser username="system" password="manager"
> groups="users,admins"/>
> </users>
> </simpleAuthenticationPlugin>
> </plugins>
>
> <transportConnectors>
> <transportConnector name="openwire" uri="tcp://0.0.0.0:61616"/>
> </transportConnectors>
> </broker>
> </beans>
>
> How can I get the simpleAuthenticationPlugin going?
>
> John
>