You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@activemq.apache.org by "W.Y" <wy...@gmail.com> on 2019/04/29 08:43:42 UTC
the role i added in jetty.xml does not work
I add a new role for a queue , only user with this role , can browse this
queue .
User can login via activemq web console , but it does not work
below are steps I did
In activemq.xml I define only with role "UDQUE_ONEWAY_MULTIPLEXER_ROLE"
, can read queue UDQUE_ONEWAY_MULTIPLEXER
<authorizationPlugin>
<map>
<authorizationMap>
<authorizationEntries>
<authorizationEntry queue="UDQUE_ONEWAY_MULTIPLEXER"
read="UDQUE_ONEWAY_MULTIPLEXER_ROLE" write="UDQUE_ONEWAY_MULTIPLEXER_ROLE"
admin="admins"/>
<authorizationEntry topic="ActiveMQ.Advisory.>" read="admins"
write="admins" admin="admins" />
</authorizationEntries>
</authorizationMap>
</map>
</authorizationPlugin>
in jetty.xml I add this additional role UDQUE_ONEWAY_MULTIPLEXER_ROLE
<bean id="securityLoginService"
class="org.eclipse.jetty.security.HashLoginService">
<property name="name" value="ActiveMQRealm" />
<property name="config" value="${activemq.conf}/jetty-realm.properties"
/>
</bean>
<bean id="securityConstraint"
class="org.eclipse.jetty.util.security.Constraint">
<property name="name" value="BASIC" />
<property name="roles" value="user,admin,UDQUE_ONEWAY_MULTIPLEXER_ROLE"
/>
<property name="authenticate" value="true" />
</bean>
<bean id="adminSecurityConstraint"
class="org.eclipse.jetty.util.security.Constraint">
<property name="name" value="BASIC" />
<property name="roles" value="admin,UDQUE_ONEWAY_MULTIPLEXER_ROLE" />
<property name="authenticate" value="true" />
</bean>
In jetty-realm.properties , I add this additional role
UDQUE_ONEWAY_MULTIPLEXER_ROLE
admin: admin, admin ,UDQUE_ONEWAY_MULTIPLEXER_ROLE
user: user, user ,UDQUE_ONEWAY_MULTIPLEXER_ROLE
Then I restarted activemq, I can login with admin / admin, but when I try
to browse UDQUE_ONEWAY_MULTIPLEXER from web console, I got User System is
not authorized to read from
queue UDQUE_ONEWAY_MULTIPLEXER. Any hints or ideas?
--
Sent from: http://activemq.2283324.n4.nabble.com/ActiveMQ-User-f2341805.html