ActiveMQ 基于JAAS的管理机制
在配置消息在发送过程中,非法用户拦截消息,采用JAAS的安全管理机制来判断消息。
activemq.xml配置如下:
<?xml version="1.0" encoding="UTF-8"?>
<beans
xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
http://activemq.apache.org/schema/core http://activemq.apache.org/schema/core/activemq-core.xsd">
<!-- Allows us to use system properties as variables in this configuration file -->
<bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
<property name="locations">
<value>classpath:credentials.properties</value>
</property>
</bean>
<broker useJmx="false" brokerName="jdbcBroker" xmlns="http://activemq.apache.org/schema/core" >
<persistenceAdapter>
<jdbcPersistenceAdapter dataDirectory="activemq-data" dataSource="#derby-ds"/>
</persistenceAdapter>
<plugins>
<!-- Configure authentication; Username, passwords and groups -->
<!-- 配置发送和接受的用户名和密码,以及所在的用户组-->
<simpleAuthenticationPlugin>
<users>
<authenticationUser username="system" password="${activemq.password}"
groups="users,admins"/>
<authenticationUser username="user" password="${guest.password}"
groups="users"/>
<authenticationUser username="guest" password="${guest.password}" groups="guests"/>
</users>
</simpleAuthenticationPlugin>
<!-- Lets configure a destination based authorization mechanism
采用JAAS的管理机制来配置各种角色的权限
-->
<authorizationPlugin>
<map>
<authorizationMap>
<authorizationEntries>
<authorizationEntry queue=">" read="admins" write="admins" admin="admins" />
<authorizationEntry queue="USERS.>" read="users" write="users" admin="users" />
<authorizationEntry queue="GUEST.>" read="guests" write="guests,users" admin="guests,users" />
<authorizationEntry queue="TEST.*" read="guests" write="guests" />
<authorizationEntry topic=">" read="admins" write="admins" admin="admins" />
<!-- 表示通配符,例如USERS.>表示以USERS.开头的主题,>表示所有主题,read表示读的权限,write表示写的权限,admin表示角色组
-->
<authorizationEntry topic="USERS.>" read="users" write="users" admin="users" />
<authorizationEntry topic="GUEST.>" read="guests" write="guests,users" admin="guests,users" />
<authorizationEntry topic="ActiveMQ.Advisory.>" read="guests,users" write="guests,users" admin="guests,users"/>
</authorizationEntries>
<!-- let's assign roles to temporary destinations. comment this entry if we don't want any roles assigned to temp destinations -->
<tempDestinationAuthorizationEntry>
<tempDestinationAuthorizationEntry
read="tempDestinationAdmins" write="tempDestinationAdmins"
admin="tempDestinationAdmins" />
</tempDestinationAuthorizationEntry>
</authorizationMap>
</map>
</authorizationPlugin>
</plugins>
<transportConnectors>
<transportConnector name="default" uri="tcp://localhost:61617"/>
</transportConnectors>
</broker>
<bean id="derbyds" class="org.apache.activemq.store.jdbc.adapter.DB2JDBCAdapter"/>
<!-- Embedded Derby DataSource Sample Setup -->
<bean id="derby-ds" class="org.apache.derby.jdbc.EmbeddedDataSource">
<property name="databaseName" value="derbydb"/>
<property name="createDatabase" value="create"/>
</bean>
</beans>
activemq-spring.xml配置如下:
<?xml version="1.0" encoding="UTF-8"?>
<beans
xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
http://activemq.apache.org/schema/core http://activemq.apache.org/schema/core/activemq-core.xsd">
<bean id="broker" class="org.apache.activemq.xbean.BrokerFactoryBean">
<property name="config" value="classpath:activemq.xml"></property>
<property name="start" value="false"></property>
</bean>
<!-- 连接连接工厂 -->
<bean id="connectionFactory" class="org.apache.activemq.ActiveMQConnectionFactory" >
<property name="userName">
<value>guest</value>
</property>
<property name="password">
<value>password</value>
</property>
<property name="brokerURL" value="tcp://localhost:61616">
</property>
</bean>
<!-- 配置JMS的模板 -->
<bean id="jmsTemplate" class="org.springframework.jms.core.JmsTemplate">
<property name="connectionFactory" >
<ref bean="connectionFactory"/>
</property>
</bean>
<!-- 发送消息队列到目的地 -->
<bean id="destination" class="org.apache.activemq.command.ActiveMQQueue">
<!-- 消息队列的名称 -->
<constructor-arg index="0" value="GUEST.activemqQueue"></constructor-arg>
</bean>
</beans>
消息的生产者:
package easyway.activemq.app.demo.security;
import javax.jms.Destination;
import javax.jms.JMSException;
import javax.jms.Message;
import javax.jms.Session;
import org.springframework.context.ApplicationContext;
import org.springframework.context.support.ClassPathXmlApplicationContext;
import org.springframework.jms.core.JmsTemplate;
import org.springframework.jms.core.MessageCreator;
/**
* 消息的发送者
* @author longgangbai
*
*/
public class MessageProductor {
public static void main(String[] args) {
ApplicationContext ctx = new ClassPathXmlApplicationContext("activemq-spring.xml");
JmsTemplate template = (JmsTemplate) ctx.getBean("jmsTemplate");
Destination destination = (Destination) ctx.getBean("destination");
template.send(destination, new MessageCreator() {
public Message createMessage(Session session) throws JMSException {
return session.createTextMessage("发送消息:Hello ActiveMQ Text Message!");
}
});
System.out.println("成功发送了一条JMS消息");
}
}
消息的消费者:
package easyway.activemq.app.demo.security;
import javax.jms.Connection;
import javax.jms.Destination;
import javax.jms.JMSException;
import javax.jms.MessageConsumer;
import javax.jms.Session;
import javax.jms.TextMessage;
import org.apache.activemq.ActiveMQConnectionFactory;
/**
* 消息的接受者
* @author Owner
*
*/
public class MessageCustomer {
public static void main(String[] args) throws JMSException {
//客户端用户
String username="guest";
//客户端密码
String password="password";
//服务端的路径
String url="tcp://localhost:61616";
String queueName="GUEST.activemqQueue";
ActiveMQConnectionFactory connectionfactory=new ActiveMQConnectionFactory(username,password,url);
Connection connection=connectionfactory.createConnection();
connection.start();
Session session=connection.createSession(false, Session.CLIENT_ACKNOWLEDGE);
Destination queue=session.createQueue(queueName);
MessageConsumer consumer=session.createConsumer(queue);
TextMessage txtmessage =(TextMessage)consumer.receive();
String message=txtmessage.getText();
System.out.println("message ="+message);
}
}