You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@activemq.apache.org by Sandeep Chayapathi <sa...@wssource.com> on 2006/08/02 23:31:05 UTC
[Stomp] Security - not authorized to create: topic://ActiveMQ.Advisory.Connection
error
Hi,
This is a followup on:
http://www.nabble.com/-Stomp--Access-Control-List-tf2040876.html
Now, I have setup AMQ 4.0.1 with the default JAAS plugin, as described
here: http://activemq.org/site/security.html
However, when I try to connect (login: users, passcode: password), I get
the following error:
-------
INFO Service - Sync error occurred:
java.lang.SecurityException: User users is not authorized to create:
topic://ActiveMQ.Advisory.Connection
java.lang.SecurityException: User users is not authorized to create:
topic://ActiveMQ.Advisory.Connection
at
org.apache.activemq.security.AuthorizationBroker.addDestination(AuthorizationBroker.java:64)
at
org.apache.activemq.broker.MutableBrokerFilter.addDestination(MutableBrokerFilter.java:142)
at
org.apache.activemq.broker.region.AbstractRegion.lookup(AbstractRegion.java:244)
at
org.apache.activemq.broker.region.AbstractRegion.send(AbstractRegion.java:224)
at
org.apache.activemq.broker.region.RegionBroker.send(RegionBroker.java:345)
at
org.apache.activemq.broker.TransactionBroker.send(TransactionBroker.java:192)
at
org.apache.activemq.advisory.AdvisoryBroker.fireAdvisory(AdvisoryBroker.java:271)
at
org.apache.activemq.advisory.AdvisoryBroker.fireAdvisory(AdvisoryBroker.java:236)
at
org.apache.activemq.advisory.AdvisoryBroker.fireAdvisory(AdvisoryBroker.java:231)
at
org.apache.activemq.advisory.AdvisoryBroker.addConnection(AdvisoryBroker.java:72)
at
org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:69)
at
org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:69)
at
org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:87)
at
org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:69)
at
org.apache.activemq.broker.MutableBrokerFilter.addConnection(MutableBrokerFilter.java:82)
at
org.apache.activemq.broker.AbstractConnection.processAddConnection(AbstractConnection.java:507)
at
org.apache.activemq.broker.jmx.ManagedTransportConnection.processAddConnection(ManagedTransportConnection.java:82)
at
org.apache.activemq.command.ConnectionInfo.visit(ConnectionInfo.java:118)
at
org.apache.activemq.broker.AbstractConnection.service(AbstractConnection.java:201)
at
org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:62)
at
org.apache.activemq.transport.ResponseCorrelator.onCommand(ResponseCorrelator.java:97)
at
org.apache.activemq.transport.TransportFilter.onCommand(TransportFilter.java:63)
at
org.apache.activemq.transport.InactivityMonitor.onCommand(InactivityMonitor.java:122)
at
org.apache.activemq.transport.TransportSupport.doConsume(TransportSupport.java:87)
at
org.apache.activemq.transport.tcp.TcpTransport.run(TcpTransport.java:143)
at java.lang.Thread.run(Thread.java:595)
------
--- login.config -----
activemq-domain {
org.apache.activemq.jaas.PropertiesLoginModule required
debug=true
org.apache.activemq.jaas.properties.user="org/apache/activemq/security/users.properties"
org.apache.activemq.jaas.properties.group="org/apache/activemq/security/groups.properties";
};
---------------------
---- users.properties ------
admins=manager
users=password
guest=password
------------------------------
------- activemq.xml ------------
<plugins>
<jaasAuthenticationPlugin configuration="activemq-domain" />
<authorizationPlugin>
<map>
<authorizationMap>
<authorizationEntries>
<authorizationEntry queue=">" read="admins" write="admins"
admin="admins" />
<authorizationEntry queue="USERS.>" read="users"
write="users" admin="users" />
<authorizationEntry queue="GUEST.>" read="guests"
write="guests,users" admin="guests,users" />
<authorizationEntry topic=">" read="admins" write="admins"
admin="admins" />
<authorizationEntry topic="USERS.>" read="users"
write="users" admin="users" />
<authorizationEntry topic="GUEST.>" read="guests"
write="guests,users" admin="guests,users" />
<authorizationEntry topic="ActiveMQ.Advisory.>"
read="guests,users" write="guests,users" admin="guests,users"/>
</authorizationEntries>
</authorizationMap>
</map>
</authorizationPlugin>
</plugins>
-----------------------------------
Re: [Stomp] Security - not authorized to create:
topic://ActiveMQ.Advisory.Connection error
Posted by CobraTheSleek <ka...@yahoo.com>.
Was wondering if you figured this out? I am facing the very same issue. I see
the my user in the property file and has the right role...
Sandeep Chayapathi wrote:
>
> Hi,
>
> This is a followup on:
> http://www.nabble.com/-Stomp--Access-Control-List-tf2040876.html
>
> Now, I have setup AMQ 4.0.1 with the default JAAS plugin, as described
> here: http://activemq.org/site/security.html
>
> However, when I try to connect (login: users, passcode: password), I get
> the following error:
>
> -------
> INFO Service - Sync error occurred:
> java.lang.SecurityException: User users is not authorized to create:
> topic://ActiveMQ.Advisory.Connection
> java.lang.SecurityException: User users is not authorized to create:
> topic://ActiveMQ.Advisory.Connection
> at
> org.apache.activemq.security.AuthorizationBroker.addDestination(AuthorizationBroker.java:64)
> at
> org.apache.activemq.broker.MutableBrokerFilter.addDestination(MutableBrokerFilter.java:142)
> at
> org.apache.activemq.broker.region.AbstractRegion.lookup(AbstractRegion.java:244)
> at
> org.apache.activemq.broker.region.AbstractRegion.send(AbstractRegion.java:224)
> at
> org.apache.activemq.broker.region.RegionBroker.send(RegionBroker.java:345)
> at
> org.apache.activemq.broker.TransactionBroker.send(TransactionBroker.java:192)
> at
> org.apache.activemq.advisory.AdvisoryBroker.fireAdvisory(AdvisoryBroker.java:271)
> at
> org.apache.activemq.advisory.AdvisoryBroker.fireAdvisory(AdvisoryBroker.java:236)
> at
> org.apache.activemq.advisory.AdvisoryBroker.fireAdvisory(AdvisoryBroker.java:231)
> at
> org.apache.activemq.advisory.AdvisoryBroker.addConnection(AdvisoryBroker.java:72)
> at
> org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:69)
> at
> org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:69)
> at
> org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:87)
> at
> org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:69)
> at
> org.apache.activemq.broker.MutableBrokerFilter.addConnection(MutableBrokerFilter.java:82)
> at
> org.apache.activemq.broker.AbstractConnection.processAddConnection(AbstractConnection.java:507)
> at
> org.apache.activemq.broker.jmx.ManagedTransportConnection.processAddConnection(ManagedTransportConnection.java:82)
> at
> org.apache.activemq.command.ConnectionInfo.visit(ConnectionInfo.java:118)
> at
> org.apache.activemq.broker.AbstractConnection.service(AbstractConnection.java:201)
> at
> org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:62)
> at
> org.apache.activemq.transport.ResponseCorrelator.onCommand(ResponseCorrelator.java:97)
> at
> org.apache.activemq.transport.TransportFilter.onCommand(TransportFilter.java:63)
> at
> org.apache.activemq.transport.InactivityMonitor.onCommand(InactivityMonitor.java:122)
> at
> org.apache.activemq.transport.TransportSupport.doConsume(TransportSupport.java:87)
> at
> org.apache.activemq.transport.tcp.TcpTransport.run(TcpTransport.java:143)
> at java.lang.Thread.run(Thread.java:595)
> ------
>
> --- login.config -----
> activemq-domain {
> org.apache.activemq.jaas.PropertiesLoginModule required
> debug=true
>
> org.apache.activemq.jaas.properties.user="org/apache/activemq/security/users.properties"
>
> org.apache.activemq.jaas.properties.group="org/apache/activemq/security/groups.properties";
> };
> ---------------------
>
> ---- users.properties ------
> admins=manager
> users=password
> guest=password
> ------------------------------
>
> ------- activemq.xml ------------
>
> <plugins>
> <jaasAuthenticationPlugin configuration="activemq-domain" />
> <authorizationPlugin>
> <map>
> <authorizationMap>
> <authorizationEntries>
> <authorizationEntry queue=">" read="admins" write="admins"
> admin="admins" />
> <authorizationEntry queue="USERS.>" read="users"
> write="users" admin="users" />
> <authorizationEntry queue="GUEST.>" read="guests"
> write="guests,users" admin="guests,users" />
> <authorizationEntry topic=">" read="admins" write="admins"
> admin="admins" />
> <authorizationEntry topic="USERS.>" read="users"
> write="users" admin="users" />
> <authorizationEntry topic="GUEST.>" read="guests"
> write="guests,users" admin="guests,users" />
> <authorizationEntry topic="ActiveMQ.Advisory.>"
> read="guests,users" write="guests,users" admin="guests,users"/>
> </authorizationEntries>
> </authorizationMap>
> </map>
> </authorizationPlugin>
> </plugins>
> -----------------------------------
>
>
--
View this message in context: http://www.nabble.com/-Stomp--Security----not-authorized-to-create%3A-topic%3A--ActiveMQ.Advisory.Connection-error-tf2042459s2354.html#a13430613
Sent from the ActiveMQ - User mailing list archive at Nabble.com.