一、简单的安全认证(使用SimpleAuthenticationPlugin)
(1)设置证书文件,放用户名和密码:${activemq.base}/conf/credentials.properties
activemq.username=logcd
activemq.password=028cd
(2)配置simpleAuthenticationPlugin,简单认证插件
<!--加载属性配置文件-->
<bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
<property name="locations">
<value>file:///${activemq.base}/conf/credentials.properties</value>
</property>
</bean>
<!--在Broker中,配置插件-->
<plugins>
<simpleAuthenticationPlugin>
<users>
<authenticationUser username="${activemq.username}" password="${activemq.password}" groups="users,admins"/>
</users>
</simpleAuthenticationPlugin>
</plugins>
(3)在connectionFactory中,使用用户名和密码。
ConnectionFactory cf = new ActiveMQConnectionFactory("logcd", "028cd", "tcp://195.2.199.169:61616")
<bean id="queueConnectionFactory"
class="org.apache.activemq.spring.ActiveMQConnectionFactory" >
<property name="brokerURL" value="tcp://195.2.199.169:61616" />
<property name="userName" value="logcd" />
<property name="password" value="028cd" />
<property name="useAsyncSend" value="true"/>
</bean>
二、ActiveMQ Web Console Security
ActiveMQ缺省的管理是通过内置的jetty服务器,只要在浏览器中输入http://[IP]:8161/admin,不需要登录,就可以对队列、主题及消息等进行管理,这很不安全。那么要解决管理控制台的安全性,除了通过修改管理端口号以及应用名称之外,最关键的也是需要进行配置,必须通过身份认证才能登录。
(1)认证信息文件:realm.properties(${activemq.base}/conf/realm.properties)
#admin/test
admin: MD5:098f6bcd4621d373cade4e832627b4f6,user,admin
(2)将jetty-plus-6.1.9.jar加入到${activemq.base}/lib/web中
(3)login.config(${activemq.base}/webapps/admin/login.config)
adminLoginModule {
org.mortbay.jetty.plus.jaas.spi.PropertyFileLoginModule required
debug="true"
file="${activemq.base}/conf/realm.properties";
};
(4)在activemq.xml中的jetty配置部分增加userRealms
<userRealms>
<jaasUserRealm name="adminRealm" loginModuleName="adminLoginModule">
</jaasUserRealm>
</userRealms>
(5)在${activemq.base}/webapps/admin/WEB-INF/web.xml文件里添加
<security-constraint>
<web-resource-collection>
<web-resource-name>adminRealm</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
<role-name>user</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>adminRealm</realm-name>
</login-config>
(6)通过设置java.security.auth.login.config系统属性来配置login modules的配置文件。${activemq.base}/bin/activemq.bat中的ACTIVEMQ_OPTS增加参数
-Djava.security.auth.login.config="D:/activemq-5.1/webapps/admin/login.config"
问题:使用时一直报个警告信息,还不知道如何解决
WARN log - No CallbackHandler configured: using DefaultCallbackHandler
三、ActiveMQ5.3.0中的配置(conf下有各种配置样例)
<?xml version="1.0" encoding="UTF-8"?>
<beans
xmlns="http://www.springframework.org/schema/beans"
xmlns:amq="http://activemq.apache.org/schema/core"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
http://activemq.apache.org/schema/core http://activemq.apache.org/schema/core/activemq-core.xsd">
<bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
<property name="locations">
<value>file:${activemq.base}/conf/credentials.properties</value>
</property>
</bean>
<broker useJmx="true" persistent="false" xmlns="http://activemq.apache.org/schema/core">
<plugins>
<!-- Configure authentication; Username, passwords and groups -->
<simpleAuthenticationPlugin>
<users>
<authenticationUser username="system" password="manager"
groups="users,admins"/>
<authenticationUser username="user" password="password"
groups="users"/>
<authenticationUser username="guest" password="password" groups="guests"/>
</users>
</simpleAuthenticationPlugin>
<!-- Lets configure a destination based authorization mechanism -->
<authorizationPlugin>
<map>
<authorizationMap>
<authorizationEntries>
<authorizationEntry queue=">" read="admins" write="admins" admin="admins" />
<authorizationEntry queue="USERS.>" read="users" write="users" admin="users" />
<authorizationEntry queue="GUEST.>" read="guests" write="guests,users" admin="guests,users" />
<authorizationEntry queue="TEST.Q" read="guests" write="guests" />
<authorizationEntry topic=">" read="admins" write="admins" admin="admins" />
<authorizationEntry topic="USERS.>" read="users" write="users" admin="users" />
<authorizationEntry topic="GUEST.>" read="guests" write="guests,users" admin="guests,users" />
<authorizationEntry topic="ActiveMQ.Advisory.>" read="guests,users" write="guests,users" admin="guests,users"/>
</authorizationEntries>
</authorizationMap>
</map>
</authorizationPlugin>
</plugins>
<persistenceAdapter>
<jdbcPersistenceAdapter dataDirectory="${activemq.base}/data" dataSource="#oracle-ds"/>
</persistenceAdapter>
<transportConnectors>
<transportConnector name="myQueue" uri="tcp://195.2.199.169:61616"/>
<transportConnector name="myTopic" uri="tcp://195.2.199.169:61617"/>
</transportConnectors>
</broker>
<bean id="oracle-ds" class="org.apache.commons.dbcp.BasicDataSource" destroy-method="close">
<property name="driverClassName" value="oracle.jdbc.driver.OracleDriver"/>
<property name="url" value="jdbc:oracle:thin:@195.2.199.6:1521:orcl"/>
<property name="username" value="activemq"/>
<property name="password" value="activemq"/>
<property name="maxActive" value="200"/>
<property name="poolPreparedStatements" value="true"/>
</bean>
<!--
Configure command agent to be used in secured broker environment
Notice how we used ${activemq.username} and ${activemq.password} configured in credential.properties
-->
<commandAgent xmlns="http://activemq.apache.org/schema/core" brokerUrl="vm://localhost" username="${activemq.username}" password="${activemq.password}"/>
<!-- Use Web applications and Camel in secured broker environment -->
<import resource="jetty.xml"/>
<import resource="camel.xml"/>
</beans>
credentials.properties:
activemq.username=system
activemq.password=manager
分享到:
相关推荐
activemq activeMq笔记.docx
<bean xmlns="http://www.springframework.org/schema/beans" id="ipAuthenticationPlugin" class="tewa.apache.activemq.security.IPAuthenticationPlugin"> <property name="allowedIPAddresses"> <value>...
The book lays out the core of ActiveMQ in clear language, starting with the anatomy of a JMS message and moving quickly through connectors, message persistence, authentication and authorization....
apache-activemq Linux版本
使用activemq依赖库连接, 该项目为java工程,内有ssl证书生成方式链接,不清楚可私信
activeMQ的测试工具,用于发送和接收activeMQ消息,jar包形式的,安装完jdk之后用java -jar xxx.jar命令运行
activemq, Apache ActiveMQ镜像 欢迎来到 Apache ActiveMQis是一个高性能的Apache 2.0许可以消息代理和 JMS 1.1实现。正在启动要帮助你入门,请尝试以下链接:入门http://activemq.apache.org/version-
ActiveMQ高并发处理方案ActiveMQ高并发处理方案 超级字数补丁超级字数补丁
springboot +netty+activeMq在线客服系统springboot +netty+activeMq在线客服系统springboot +netty+activeMq在线客服系统springboot +netty+activeMq在线客服系统springboot +netty+activeMq在线客服系统springboot...
最新activemq-cpp开发手册!
activemq书籍及工具 activemq书籍及工具 activemq书籍及工具 activemq书籍及工具 activemq书籍及工具
百度spring整合activemq 发现几乎都只是在xml文件配置固定的消息队列而且太麻烦。并没有根据需求进行动态生成主题和队列。本文档参考了纯粹的activemq java代码和百度上的demo,很简洁的实现了动态消息队列的生成和...
activemq 配置说明与activemq入门讲解
activemq消息测试工具
activeMQ学习activeMQ学习activeMQ学习activeMQ学习
Linux版本activemq安装包
包括1、ActiveMQ java实例 2、ActiveMQ Spring结合实例 3、代码亲测,无问题。 4、资源分5分绝对值 注意:请先安装ActiveMQ 服务。
本教程旨在帮助activeMQ初学者入门,通过本示例,能完全理解activeMQ的基本概念,为分布式应用打下基础。 本示例中,使用maven管理,完美解决各种依赖问题,不需要自行配置,导入项目等待eclipse自行下载jar包后即可...
activemq实战