ActiveMQ-验证配置

前端验证

jetty.xml

    <bean id="securityConstraint" class="org.eclipse.jetty.util.security.Constraint">
        <property name="name" value="BASIC" />
        <property name="roles" value="user,admin" />
        
        <property name="authenticate" value="true" />
    bean>

• roles：可登陆组
• authenticate：是否开启登陆验证

jetty-realm.properties

admin: admin, admin
godme: godme, admin
producer: producer, user
consumer: consumer, user
user: user, user

• uername: password, group：用户名：密码， 用户分组

后端校验

users.properties

admin=admin
godme=godme
producer=producer
consumer=consumer
# username=password

groups.properties

admins=admin,godme
producers=producer
consumers=consumer
# group=user1,user2...

activemq.xml

• 简单校验(直接指定用户名和密码)

<plugins>
    <jaasAuthenticationPlugin configuration="activemq" />
    <simpleAuthenticationPlugin>
        <users>
            <authenticationUser username="producer" password="producer" groups="producer"/>
        users>
     simpleAuthenticationPlugin>
plugins>

• 指定队列

<plugins>
    <jaasAuthenticationPlugin configuration="activemq" />
    <authorizationPlugin>
        <map>
            <authorizationMap>
                <authorizationEntries>
                    <authorizationEntry topic=">" read="admins" write="admins" admin="admins" />
                    <authorizationEntry queue=">" read="admins" write="admins" admin="admins" />
                    <authorizationEntry topic="ActiveMQ.Advisory.>" read="admins" write="admins" admin="admins"/>
                    <authorizationEntry queue="ActiveMQ.Advisory.>" read="admins" write="admins" admin="admins"/>
                authorizationEntries>
            authorizationMap>
        map>
    authorizationPlugin>
plugins>

可以指定队列和主题，还有权限操作。

切记，都在broker标签下面，两者都在plugins标签下定义。

<authorizationPlugin>
    <map>
       <authorizationMap>
          <authorizationEntries>
            <authorizationEntry topic=">" read="consumers" write="producers" admin="producers" />
           <authorizationEntry queue=">" read="consumers" write="producers" admin="producers" />
           <authorizationEntry topic="ActiveMQ.Advisory.>" read="consumers,producers" write="producers,consumers" admin="producers,consumers"/>
          <authorizationEntry queue="ActiveMQ.Advisory.>" read="consumers,producers" write="producers,consumers" admin="producers,consumers"/>
          authorizationEntries>
       authorizationMap>
   map>
authorizationPlugin>

原本想配置成这样

• consumer读取
• producer写入

但是好像ActiveMQ.Advisory.>也要进行配置来着。

更多详情参考官方配置，去掉后缀就是官网，慢慢学习。