You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@activemq.apache.org by angrywooper <ma...@gmail.com> on 2009/01/20 22:24:13 UTC
AMQ-5.1.0 with security enabled: Use of environment variables in
login.conf
Hi,
Im configuring jaasAuthenticationPlugin, but I have problem using an
environment variable pointing to a dir outside the activemq installation
where I've put users and groups.properties files.
I've followed the guide http://activemq.apache.org/security.html here.
The only modification I've done is in login.config where Im trying to use
the env var:
activemq-domain {
org.apache.activemq.jaas.PropertiesLoginModule required
debug=true
org.apache.activemq.jaas.properties.user="${SOME_ENV_VAR}/users.properties"
org.apache.activemq.jaas.properties.group="${SOME_ENV_VAR}/groups.properties";
};
When I start AMQ I get the following exception:
WARN TransportConnection - Failed to add Connection
java.lang.SecurityException: User name or password is invalid.
at
org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:83)
at
org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:81)
at
org.apache.activemq.broker.MutableBrokerFilter.addConnection(MutableBrokerFilter.java:88)
at
org.apache.activemq.broker.TransportConnection.processAddConnection(TransportConnection.java:662)
at
org.apache.activemq.broker.jmx.ManagedTransportConnection.processAddConnection(ManagedTransportConnection.java:86)
at
org.apache.activemq.command.ConnectionInfo.visit(ConnectionInfo.java:125)
at
org.apache.activemq.broker.TransportConnection.service(TransportConnection.java:292)
at
org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:180)
at
org.apache.activemq.transport.TransportFilter.onCommand(TransportFilter.java:68)
at
org.apache.activemq.transport.WireFormatNegotiator.onCommand(WireFormatNegotiator.java:143)
at
org.apache.activemq.transport.InactivityMonitor.onCommand(InactivityMonitor.java:206)
at
org.apache.activemq.transport.TransportSupport.doConsume(TransportSupport.java:84)
at
org.apache.activemq.transport.tcp.TcpTransport.doRun(TcpTransport.java:196)
at
org.apache.activemq.transport.tcp.TcpTransport.run(TcpTransport.java:183)
at java.lang.Thread.run(Thread.java:619)
Caused by: java.lang.SecurityException: unable to expand property
SOME_ENV_VAR
at com.sun.security.auth.login.ConfigFile.<init>(ConfigFile.java:93)
at sun.reflect.GeneratedConstructorAccessor19.newInstance(Unknown
Source)
at
sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
at java.lang.reflect.Constructor.newInstance(Constructor.java:513)
at java.lang.Class.newInstance0(Class.java:355)
at java.lang.Class.newInstance(Class.java:308)
at
javax.security.auth.login.Configuration$3.run(Configuration.java:246)
at java.security.AccessController.doPrivileged(Native Method)
at
javax.security.auth.login.Configuration.getConfiguration(Configuration.java:241)
at
javax.security.auth.login.LoginContext$1.run(LoginContext.java:237)
at java.security.AccessController.doPrivileged(Native Method)
at
javax.security.auth.login.LoginContext.init(LoginContext.java:234)
at
javax.security.auth.login.LoginContext.<init>(LoginContext.java:403)
at
org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:75)
... 14 more
Caused by: java.io.IOException: unable to expand property SOME_ENV_VAR
at
com.sun.security.auth.login.ConfigFile.parseLoginEntry(ConfigFile.java:411)
at
com.sun.security.auth.login.ConfigFile.readConfig(ConfigFile.java:350)
at com.sun.security.auth.login.ConfigFile.init(ConfigFile.java:262)
at com.sun.security.auth.login.ConfigFile.init(ConfigFile.java:202)
at com.sun.security.auth.login.ConfigFile.<init>(ConfigFile.java:91)
... 27 more
Someone got a good tips why I get this exception?
--
View this message in context: http://www.nabble.com/AMQ-5.1.0-with-security-enabled%3A-Use-of-environment-variables-in-login.conf-tp21571968p21571968.html
Sent from the ActiveMQ - User mailing list archive at Nabble.com.