You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@activemq.apache.org by "Justin Bertram (Jira)" <ji...@apache.org> on 2020/01/13 17:51:00 UTC

[jira] [Deleted] (ARTEMIS-1734) Unable to access to AMQ7.1 Management Console in read-only mode

     [ https://issues.apache.org/jira/browse/ARTEMIS-1734?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Justin Bertram deleted ARTEMIS-1734:
------------------------------------


> Unable to access to AMQ7.1 Management Console in read-only mode
> ---------------------------------------------------------------
>
>                 Key: ARTEMIS-1734
>                 URL: https://issues.apache.org/jira/browse/ARTEMIS-1734
>             Project: ActiveMQ Artemis
>          Issue Type: Bug
>         Environment: RHEL 7.3
> OpenJDK 1.8.0 (latest rpm)
>            Reporter: Jose Roman Martin Gil
>            Priority: Major
>
> As administrator I want to create a monitor role to allow access to Management Console only to view and read the status of any objects.
>  
> As administrator I am using roles to manage queues and topics successfully but I would like to have users to monitor the broker with the Management Console.
>  
> At this moment I created a role and I updated the following files as: 
>  
> *etc/artemis.profile*: Changed the roles allowed to access:
> {code:java}
> -Dhawtio.roles=amq,monitor{code}
>  
> *etc/management.xml*: Allowed methods for each method:
> {code:java}
> <default-access>
>  <access method="list*" roles="amq,monitor"/>
>  <access method="get*" roles="amq,monitor"/>
>  <access method="is*" roles="amq,monitor"/>
>  <access method="set*" roles="amq"/>
>  <access method="*" roles="amq"/>
> </default-access>
> <role-access>
>  <match domain="org.apache.activemq.artemis">
>  <access method="list*" roles="amq,monitor"/>
>  <access method="get*" roles="amq,monitor"/>
>  <access method="is*" roles="amq,monitor"/>
>  <access method="set*" roles="amq"/>
>  <access method="*" roles="amq"/>
>  </match>
> </role-access>{code}
> With these changes I could login as monitor user however I found a lot of errors as:
>  
> {code:java}
> ERROR: Insufficient roles/credentials for operation (class java.lang.SecurityException){code}
>  



--
This message was sent by Atlassian Jira
(v8.3.4#803005)