You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@activemq.apache.org by navnetkachroo <na...@gmail.com> on 2008/04/07 20:28:49 UTC

ActiveMQ 5.0 & JAAS: Error on startup - SecurityException: User system is not authorized to read from: ActiveMQ.Advisory.Consumer.>,topic://ActiveMQ.Advisory.TempQueue,topic://ActiveMQ.Advisory.TempTopic

Hi, 

I am trying to setup authentication using JAAS on ActiveMQ 5.0.

I'm getting an exception on startup, even after defining the user "system" :

ERROR Service                        - Async error occurred:
java.lang.SecurityException: User system is not authorized to read from:
ActiveMQ.Advisory.Consumer.>,topic://ActiveMQ.Advisory.TempQueue,topic://ActiveMQ.Advisory.TempTopic
java.lang.SecurityException: User system is not authorized to read from:
ActiveMQ.Advisory.Consumer.>,topic://ActiveMQ.Advisory.TempQueue,topic://ActiveMQ.Advisory.TempTopic

Attached are the configuration files that I'm using:
* users.properties
* login.config
* groups.properties
* activemq.xml

I've also tried removing camelContext, commandAgent & jetty from the
activemq.xml. 

I've set DEBUG level for the logs, which tell me that the users.properties
is being read. Attached is the detailed startup log.

http://www.nabble.com/file/p16538526/users.properties users.properties 
http://www.nabble.com/file/p16538526/login.config login.config 
http://www.nabble.com/file/p16538526/groups.properties groups.properties 
http://www.nabble.com/file/p16538526/activemq.xml activemq.xml 
http://www.nabble.com/file/p16538526/startup.log startup.log 
-- 
View this message in context: http://www.nabble.com/ActiveMQ-5.0---JAAS%3A-Error-on-startup---SecurityException%3A-User-system-is-not-authorized-to-read-from%3A-ActiveMQ.Advisory.Consumer.%3E%2Ctopic%3A--ActiveMQ.Advisory.TempQueue%2Ctopic%3A--ActiveMQ.Advisory.TempTopic-tp16538526s2354p16538526.html
Sent from the ActiveMQ - User mailing list archive at Nabble.com.

Re: ActiveMQ 5.0 & JAAS: Error on startup - SecurityException: User system is not authorized to read from: ActiveMQ.Advisory.Consumer.>,topic://ActiveMQ.Advisory.TempQueue,topic://ActiveMQ.Advisory.TempTopic

Posted by navnetkachroo <na...@gmail.com>.

That works! Thanks.

Does this mean that in ActiveMQ - I can restrict access only to a group, not
to a particular user (i can have just 1 user in a group as a workaround
though)?



ttmdev wrote:
> 
> In your groups.properties file, you've assigned the user "system" to the
> "admins", "tempDestinationAdmins", and "users" groups. So in your
> <authorizationEntry> elements, change  "system" to one of those groups. 
> 
> Joe
> Goto www.ttmsolutions.com for a free ActiveMQ user guide
> 
> 
> 
> navnetkachroo wrote:
>> 
>> Hi, 
>> 
>> I am trying to setup authentication using JAAS on ActiveMQ 5.0.
>> 
>> I'm getting an exception on startup, even after defining the user
>> "system" :
>> 
>> ERROR Service                        - Async error occurred:
>> java.lang.SecurityException: User system is not authorized to read from:
>> ActiveMQ.Advisory.Consumer.>,topic://ActiveMQ.Advisory.TempQueue,topic://ActiveMQ.Advisory.TempTopic
>> java.lang.SecurityException: User system is not authorized to read from:
>> ActiveMQ.Advisory.Consumer.>,topic://ActiveMQ.Advisory.TempQueue,topic://ActiveMQ.Advisory.TempTopic
>> 
>> Attached are the configuration files that I'm using:
>> * users.properties
>> * login.config
>> * groups.properties
>> * activemq.xml
>> 
>> I've also tried removing camelContext, commandAgent & jetty from the
>> activemq.xml. 
>> 
>> I've set DEBUG level for the logs, which tell me that the
>> users.properties is being read. Attached is the detailed startup log.
>> 
>>  http://www.nabble.com/file/p16538526/users.properties users.properties 
>> http://www.nabble.com/file/p16538526/login.config login.config 
>> http://www.nabble.com/file/p16538526/groups.properties groups.properties 
>> http://www.nabble.com/file/p16538526/activemq.xml activemq.xml 
>> http://www.nabble.com/file/p16538526/startup.log startup.log 
>> 
> 
> 

-- 
View this message in context: http://www.nabble.com/ActiveMQ-5.0---JAAS%3A-Error-on-startup---SecurityException%3A-User-system-is-not-authorized-to-read-from%3A-ActiveMQ.Advisory.Consumer.%3E%2Ctopic%3A--ActiveMQ.Advisory.TempQueue%2Ctopic%3A--ActiveMQ.Advisory.TempTopic-tp16538526s2354p16539215.html
Sent from the ActiveMQ - User mailing list archive at Nabble.com.

Re: ActiveMQ 5.0 & JAAS: Error on startup - SecurityException: User system is not authorized to read from: ActiveMQ.Advisory.Consumer.>,topic://ActiveMQ.Advisory.TempQueue,topic://ActiveMQ.Advisory.TempTopic

Posted by ttmdev <jo...@ttmsolutions.com>.

In your groups.properties file, you've assigned the user "system" to the
"admins", "tempDestinationAdmins", and "users" groups. So in your
<authorizationEntry> elements, change  "system" to one of those groups. 

Joe
Goto www.ttmsolutions.com for a free ActiveMQ user guide



navnetkachroo wrote:
> 
> Hi, 
> 
> I am trying to setup authentication using JAAS on ActiveMQ 5.0.
> 
> I'm getting an exception on startup, even after defining the user "system"
> :
> 
> ERROR Service                        - Async error occurred:
> java.lang.SecurityException: User system is not authorized to read from:
> ActiveMQ.Advisory.Consumer.>,topic://ActiveMQ.Advisory.TempQueue,topic://ActiveMQ.Advisory.TempTopic
> java.lang.SecurityException: User system is not authorized to read from:
> ActiveMQ.Advisory.Consumer.>,topic://ActiveMQ.Advisory.TempQueue,topic://ActiveMQ.Advisory.TempTopic
> 
> Attached are the configuration files that I'm using:
> * users.properties
> * login.config
> * groups.properties
> * activemq.xml
> 
> I've also tried removing camelContext, commandAgent & jetty from the
> activemq.xml. 
> 
> I've set DEBUG level for the logs, which tell me that the users.properties
> is being read. Attached is the detailed startup log.
> 
>  http://www.nabble.com/file/p16538526/users.properties users.properties 
> http://www.nabble.com/file/p16538526/login.config login.config 
> http://www.nabble.com/file/p16538526/groups.properties groups.properties 
> http://www.nabble.com/file/p16538526/activemq.xml activemq.xml 
> http://www.nabble.com/file/p16538526/startup.log startup.log 
> 

-- 
View this message in context: http://www.nabble.com/ActiveMQ-5.0---JAAS%3A-Error-on-startup---SecurityException%3A-User-system-is-not-authorized-to-read-from%3A-ActiveMQ.Advisory.Consumer.%3E%2Ctopic%3A--ActiveMQ.Advisory.TempQueue%2Ctopic%3A--ActiveMQ.Advisory.TempTopic-tp16538526s2354p16539107.html
Sent from the ActiveMQ - User mailing list archive at Nabble.com.