You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@activemq.apache.org by Diptin Patel <Di...@mbll.ca> on 2021/11/03 15:48:49 UTC

RE: apache-activemq-5.15.15 - User name or password is invalid

Hi Tim,

Yes ldap crediantials defined in credentials.properties file are valid and I can authenticate with them.

My problem appears to be within activemq.xml file for ldap. We're upgrading from ActiveMQ 5.10 with JDK 1.7 to ActiveMQ 5.15with JDK 1.8. I brought the configuration over from ActiveMQ 5.10, but it doesn't appear to be working.


    <broker useJmx="true" advisorySupport="false" persistent="true" xmlns="http://activemq.apache.org/schema/core" brokerName="TestESB-JMS1" dataDirectory="${activemq.data}">


        <plugins>
                <jaasAuthenticationPlugin configuration="LdapConfiguration" />
                <authorizationPlugin>
                        <map>
                        <cachedLDAPAuthorizationMap
                                connectionURL="ldap://mycorp.mbl.ca:389"
                                connectionUsername="CN=ActiveMQLDAP,OU=Roles,OU=Convergence,OU=Systems,DC=corp,DC=mbll,DC=ca"
                                connectionPassword="*****"
                                queueSearchBase="OU=TestQueues,OU=ActiveMQ,OU=Application Access,OU=Resources,OU=Accounts,DC=mycorp,DC=mbl,DC=ca"
                                topicSearchBase="OU=Topic,OU=ActiveMQ,OU=Application Access,OU=Resources,OU=Accounts,DC=mycorp,DC=mbl,DC=ca"
                                tempSearchBase="OU=Temp,OU=ActiveMQ,OU=Application Access,OU=Resources,OU=Accounts,DC=mycorp,DC=mbl,DC=ca"
                                refreshInterval="600000"
                                legacyGroupMapping="false"
                                adminPermissionGroupSearchFilter ="(info:=admin)"
                                readPermissionGroupSearchFilter ="(info:=read)"
                                writePermissionGroupSearchFilter ="(info:=write)"
                                groupObjectClass ="group"
                                userObjectClass ="user"
                                />
                        </map>
                </authorizationPlugin>



-----Original Message-----
From: Tim Bain <tb...@alumni.duke.edu>
Sent: Thursday, October 28, 2021 10:22 AM
To: ActiveMQ Users <us...@activemq.apache.org>
Subject: Re: apache-activemq-5.15.15 - User name or password is invalid

CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.


The error message says the broker is trying to use AMQAdmin as the username. Is that the correct username? Can you authenticate to the LDAP with those credentials via command line tools?

Tim

On Wed, Oct 27, 2021, 8:49 AM Diptin Patel <Di...@mbll.ca> wrote:

> Please help!
>
> I'm setting up apache-activemq-5.15.15 With LDAP and I keep getting
> these errors when trying to manage queues from Web Console.
>
> I can create new queues from Web Console, but cannot manage or send
> message to them.
>
> I keep getting following errors.
>
> 2021-10-27 09:43:45,127 | WARN  | Broker localhost not started so
> using
> TestESB-JMS1 instead | org.apache.activemq.broker.BrokerRegistry |
> qtp2143739483-36
> 2021-10-27 09:43:45,129 | INFO  | Connector vm://localhost started |
> org.apache.activemq.broker.TransportConnector | qtp2143739483-36
> 2021-10-27 09:43:45,146 | WARN  | Failed to add Connection
> id=ID:TestESB-JMS1-38923-1635345740665-2:1,
> clientId=ID:TestESB-JMS1-38923-1635345740665-1:1,
> clientIP=vm://localhost#0 due to User name [AMQAdmin] or password is
> invalid. | org.apache.activemq.broker.TransportConnection | ActiveMQ VMTransport:
> vm://localhost#1-1
> 2021-10-27 09:43:45,147 | WARN  | Security Error occurred on
> connection
> to: vm://localhost#0, User name [AMQAdmin] or password is invalid. |
> org.apache.activemq.broker.TransportConnection.Service | ActiveMQ
> VMTransport: vm://localhost#1-1
> 2021-10-27 09:43:45,156 | WARN  | /admin/browse.jsp |
> org.eclipse.jetty.server.HttpChannel | qtp2143739483-36
> javax.servlet.ServletException: javax.servlet.ServletException:
> org.apache.jasper.JasperException: An exception occurred processing
> [/browse.jsp] at line [48]
>
> 45: </tr>
> 46: </thead>
> 47: <tbody>
> 48: <jms:forEachMessage
> queueBrowser="${requestContext.queueBrowser.browser}" var="row">
> 49: <tr>
> 50: <td><a href="<c:url value="message.jsp">
> 51:                  <c:param name="id" value="${row.JMSMessageID}" />
>
> Thanks in advanced.
> Diptin Patel
> **********************************************************************
> ************************ Confidentiality Warning: This message and any
> attachments are intended only for the use of the intended
> recipient(s), are confidential, and may be privileged. If you are not
> the intended recipient, you are hereby notified that any review,
> retransmission, conversion to hard copy or other use of this message
> (and/or attachments) is strictly prohibited. If you received this
> email in error, please notify the sender immediately by return e-mail,
> and delete this message and any attachments from your system. Thank you.
> ---------------------------------------------------------------- MISE
> EN GARDE CONCERNANT LA CONFIDENTIALIT?: Ce message, et toutes pi?ces
> jointes, sont ? l'intention exclusive de la personne pr?cit?e. Il peut
> renfermer des renseignements prot?g?s et confidentiels. Si vous prenez
> connaissance de la pr?sente communication sans en ?tre le
> destinataire, vous ?tes, par la pr?sente, avis? que toute revue,
> retransmission ou reproduction, soit en copie papier ou autre forme (y
> compris les pi?ces jointes) de la pr?sente communication est
> strictement interdite. Si vous avez re?u le pr?sent message par
> erreur, veuillez en aviser l'exp?diteur le plus t?t possible par
> retour de courriel et ?liminez ce message, et toutes pi?ces jointes, de votre syst?me. Merci.
> **********************************************************************
> ************************
>
********************************************************************************************** Confidentiality Warning: This message and any attachments are intended only for the use of the intended recipient(s), are confidential, and may be privileged. If you are not the intended recipient, you are hereby notified that any review, retransmission, conversion to hard copy or other use of this message (and/or attachments) is strictly prohibited. If you received this email in error, please notify the sender immediately by return e-mail, and delete this message and any attachments from your system. Thank you. ---------------------------------------------------------------- MISE EN GARDE CONCERNANT LA CONFIDENTIALITÉ: Ce message, et toutes pièces jointes, sont à l'intention exclusive de la personne précitée. Il peut renfermer des renseignements protégés et confidentiels. Si vous prenez connaissance de la présente communication sans en être le destinataire, vous êtes, par la présente, avisé que toute revue, retransmission ou reproduction, soit en copie papier ou autre forme (y compris les pièces jointes) de la présente communication est strictement interdite. Si vous avez reçu le présent message par erreur, veuillez en aviser l'expéditeur le plus tôt possible par retour de courriel et éliminez ce message, et toutes pièces jointes, de votre système. Merci. **********************************************************************************************