zoukankan      html  css  js  c++  java
  • ActiveMQ(5.10.0)

    The easiest way to secure the broker is through the use of authentication credentials placed directly in the broker’s XML configuration file. Such functionality is provided by the simple authentication plug-in that’s part of ActiveMQ. The following listing provides an example of using this plug-in.

    <plugins>
        <simpleAuthenticationPlugin>
            <users>
                <authenticationUser username="admin" password="admin" groups="admins,producers,consumers"/>
                <authenticationUser username="producer" password="producer" groups="producers,consumers"/>
                <authenticationUser username="consumer" password="consumer" groups="consumers"/>
                <authenticationUser username="guest" password="guest" groups="guests"/>
            </users>
        </simpleAuthenticationPlugin>
    </plugins>

    By using this simple configuration snippet, four users can now access ActiveMQ. Obviously, for authentication purposes, each user must have a username and a password. Additionally, the groups attribute provides a comma-separated list of groups to which the user belongs. This information is used for authorization purposes, as will be seen shortly.

    The preceding exception is expected because a security plug-in is activated but the authentication credentials haven’t yet been defined in the producer client. To fix this exception, modify the producer to add a username and password. The following snippet provides an example of this:

    private String username = "producer";
    private String password = "producer";
    
    public Producer() throws JMSException {
        factory = new ActiveMQConnectionFactory(brokerURL);
        connection = factory.createConnection(username, password);
        connection.start();
        session = connection.createSession(false, Session.AUTO_ACKNOWLEDGE);
        producer = session.createProducer(null);
    }

    As the preceding snippet shows, the only necessary change is to define a username and a password that are then used as parameters to the call to the createConnection()  method. 

    Unfortunately, with the simple authentication plug-in, passwords are stored (and transferred) as clear text, which impacts the security of the broker. But even plain-text passwords prevent unauthorized clients from interacting with the broker, and in some
    environments this is all that’s needed. Additionally, you can consider using the simple authentication plug-in in combination with the SSL transport, which will at least solve the problem of sending plain passwords over the network.

  • 相关阅读:
    安装rabbitmq以及python调用rabbitmq--暂欠
    nginx报错:No package erlang available
    zipimport.ZipImportError: can't decompress data; zlib not available 解决办法
    centos python2.6升级到2.7 还有单独的python3.5环境
    TypeError: datetime.datetime(2016, 9, 25, 21, 12, 19, 135649) is not JSON serializable解决办法(json无法序列化对象的解决办法)
    django的跨站请求访问
    django的中间件
    django缓存
    django的分页--不全也未实现
    django的cookie 和session
  • 原文地址:https://www.cnblogs.com/huey/p/5126778.html
Copyright © 2011-2022 走看看