You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@activemq.apache.org by "W.Y" <wy...@gmail.com> on 2019/04/29 08:43:42 UTC

the role i added in jetty.xml does not work

I add a new role for a queue , only user with this role , can browse this
queue .
User can login via activemq web console , but it does not work 

below are steps I did 

			In activemq.xml I define only  with role  "UDQUE_ONEWAY_MULTIPLEXER_ROLE"
, can read queue UDQUE_ONEWAY_MULTIPLEXER
			<authorizationPlugin>
				  <map>
					<authorizationMap>
					  <authorizationEntries>
						<authorizationEntry queue="UDQUE_ONEWAY_MULTIPLEXER"
read="UDQUE_ONEWAY_MULTIPLEXER_ROLE" write="UDQUE_ONEWAY_MULTIPLEXER_ROLE"
admin="admins"/>
						<authorizationEntry topic="ActiveMQ.Advisory.>" read="admins"
write="admins" admin="admins" />
					  </authorizationEntries>
					</authorizationMap>
				  </map>
			</authorizationPlugin>
			
			in jetty.xml I add this  additional role 	UDQUE_ONEWAY_MULTIPLEXER_ROLE
			<bean id="securityLoginService"
class="org.eclipse.jetty.security.HashLoginService">
				<property name="name" value="ActiveMQRealm" />
				<property name="config" value="${activemq.conf}/jetty-realm.properties"
/>
			</bean>

			<bean id="securityConstraint"
class="org.eclipse.jetty.util.security.Constraint">
				<property name="name" value="BASIC" />
				<property name="roles" value="user,admin,UDQUE_ONEWAY_MULTIPLEXER_ROLE"
/>
				
				<property name="authenticate" value="true" />
			</bean>
			<bean id="adminSecurityConstraint"
class="org.eclipse.jetty.util.security.Constraint">
				<property name="name" value="BASIC" />
				<property name="roles" value="admin,UDQUE_ONEWAY_MULTIPLEXER_ROLE" />
				 
				<property name="authenticate" value="true" />
			</bean>
					
			In jetty-realm.properties , I add this additional role 
UDQUE_ONEWAY_MULTIPLEXER_ROLE	
			admin: admin, admin ,UDQUE_ONEWAY_MULTIPLEXER_ROLE
			user: user, user ,UDQUE_ONEWAY_MULTIPLEXER_ROLE
			
			Then I restarted activemq, I can login with admin / admin, but when I try
to browse UDQUE_ONEWAY_MULTIPLEXER from web console, I got User System is
not authorized to read from
			queue UDQUE_ONEWAY_MULTIPLEXER. Any hints or ideas? 



--
Sent from: http://activemq.2283324.n4.nabble.com/ActiveMQ-User-f2341805.html