zoukankan      html  css  js  c++  java
  • ActiveMQ(5.10.0)

    The easiest way to secure the broker is through the use of authentication credentials placed directly in the broker’s XML configuration file. Such functionality is provided by the simple authentication plug-in that’s part of ActiveMQ. The following listing provides an example of using this plug-in.

    <plugins>
        <simpleAuthenticationPlugin>
            <users>
                <authenticationUser username="admin" password="admin" groups="admins,producers,consumers"/>
                <authenticationUser username="producer" password="producer" groups="producers,consumers"/>
                <authenticationUser username="consumer" password="consumer" groups="consumers"/>
                <authenticationUser username="guest" password="guest" groups="guests"/>
            </users>
        </simpleAuthenticationPlugin>
    </plugins>

    By using this simple configuration snippet, four users can now access ActiveMQ. Obviously, for authentication purposes, each user must have a username and a password. Additionally, the groups attribute provides a comma-separated list of groups to which the user belongs. This information is used for authorization purposes, as will be seen shortly.

    The preceding exception is expected because a security plug-in is activated but the authentication credentials haven’t yet been defined in the producer client. To fix this exception, modify the producer to add a username and password. The following snippet provides an example of this:

    private String username = "producer";
    private String password = "producer";
    
    public Producer() throws JMSException {
        factory = new ActiveMQConnectionFactory(brokerURL);
        connection = factory.createConnection(username, password);
        connection.start();
        session = connection.createSession(false, Session.AUTO_ACKNOWLEDGE);
        producer = session.createProducer(null);
    }

    As the preceding snippet shows, the only necessary change is to define a username and a password that are then used as parameters to the call to the createConnection()  method. 

    Unfortunately, with the simple authentication plug-in, passwords are stored (and transferred) as clear text, which impacts the security of the broker. But even plain-text passwords prevent unauthorized clients from interacting with the broker, and in some
    environments this is all that’s needed. Additionally, you can consider using the simple authentication plug-in in combination with the SSL transport, which will at least solve the problem of sending plain passwords over the network.

  • 相关阅读:
    mac升级后,遇到openssl相关问题
    mysql清空所有表
    composer 管理js css等依赖文件【fxp/composer-asset-plugin】
    php安装pcntl
    git命令
    docker
    OAuth 2.0
    mysql杯观锁与乐观锁
    mysql添加用户,授权,刷新权限
    Mac下安装SecureCRT并激活
  • 原文地址:https://www.cnblogs.com/huey/p/5126778.html
Copyright © 2011-2022 走看看