Activemq配置——Jaas方式配置用户登录验证

配置方式:

一、要配置系统环境变量:配置Jaas加载的配置文件路径。


linux下使用

export ACTIVEMQ_OPTS=-Djava.security.auth.login.config=<login.config存储路径> 
或是在profile文件末尾添加上这样一个导出

windows下

SET ACTIVEMQ_OPTS=%ACTIVEMQ_OPTS% -Djava.security.auth.login.config=<login.config存储路径>


二、配置配置文件


在配置文件broker之间添加下面的配置

  1. <plugins>  
  2.         <!-- Configure authentication; Username, passwords and groups
  3.  添加jaas认证插件  
  4. activemq-domain 在login.config里面定义,详细见login.config -->  
  5.         <jaasAuthenticationPlugin configuration="activemq-domain" />
  6.   
  7.   
  8.       <!--  Lets configure a destination based authorization mechanism 
  9. 配置队列用户权限,>表示任意字符 -->  
  10.       <authorizationPlugin>  
  11.         <map>  
  12.           <authorizationMap>  
  13.             <authorizationEntries>  
  14.               <authorizationEntry queue=">" read="admins" write="admins" admin="admins" />  
  15.               <authorizationEntry queue="USERS.>" read="users" write="users" admin="users" />  
  16.               <authorizationEntry queue="GUEST.>" read="guests" write="guests,users" admin="guests,users" />  
  17.                 
  18.               <authorizationEntry queue="TEST.Q" read="guests" write="guests" />  
  19.                 
  20.               <authorizationEntry topic=">" read="admins" write="admins" admin="admins" />  
  21.               <authorizationEntry topic="USERS.>" read="users" write="users" admin="users" />  
  22.               <authorizationEntry topic="GUEST.>" read="guests" write="guests,users" admin="guests,users" />  
  23.                 
  24.               <authorizationEntry topic="ActiveMQ.Advisory.>" read="guests,users" write="guests,users" admin="guests,users"/>  
  25.             </authorizationEntries>  
  26.           </authorizationMap>  
  27.         </map>  
  28.       </authorizationPlugin>  
  29.     </plugins>  


login.config:Jaas插件验证入口

  1. activemq-domain //与配置文件中jaas plugin配置中的configuration相一致
  2. {
        org.apache.activemq.jaas.PropertiesLoginModule required//加载模块
            debug=true //设置调试模式
            org.apache.activemq.jaas.properties.user="users.properties"//配置users.properties的相应文件路径
            org.apache.activemq.jaas.properties.group="groups.properties";//配置groups.properties的相应文件路径
    };
下载连接:login.config


users.properties:配置用户名和密码

  1. ## ---------------------------------------------------------------------------
    ## Licensed to the Apache Software Foundation (ASF) under one or more
    ## contributor license agreements.  See the NOTICE file distributed with
    ## this work for additional information regarding copyright ownership.
    ## The ASF licenses this file to You under the Apache License, Version 2.0
    ## (the "License"); you may not use this file except in compliance with
    ## the License.  You may obtain a copy of the License at
    ## 
    ## http://www.apache.org/licenses/LICENSE-2.0
    ## 
    ## Unless required by applicable law or agreed to in writing, software
    ## distributed under the License is distributed on an "AS IS" BASIS,
    ## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    ## See the License for the specific language governing permissions and
    ## limitations under the License.
    ## ---------------------------------------------------------------------------

    #格式user=password

  2. system=manager
    user=password
    guest=password
    sslclient=CN=localhost, OU=activemq.org, O=activemq.org, L=LA, ST=CA, C=US
下载连接:users.properties

group.properties:配置用户对应的用户组

  1. ## ---------------------------------------------------------------------------
    ## Licensed to the Apache Software Foundation (ASF) under one or more
    ## contributor license agreements.  See the NOTICE file distributed with
    ## this work for additional information regarding copyright ownership.
    ## The ASF licenses this file to You under the Apache License, Version 2.0
    ## (the "License"); you may not use this file except in compliance with
    ## the License.  You may obtain a copy of the License at
    ## 
    ## http://www.apache.org/licenses/LICENSE-2.0
    ## 
    ## Unless required by applicable law or agreed to in writing, software
    ## distributed under the License is distributed on an "AS IS" BASIS,
    ## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    ## See the License for the specific language governing permissions and
    ## limitations under the License.
    ## ---------------------------------------------------------------------------

    #格式:用户组=用户1,用户2,...
    admins=system,sslclient,client,broker1,broker2
    tempDestinationAdmins=system,user,sslclient,client,broker1,broker2
    users=system,user,sslclient,client,broker1,broker2
    guests=guest
下载连接:group.properties



你可能感兴趣的:(apache,File,activemq,System,express,permissions)