Hi,
I'm just starting with the 5.2 snapshot today. I know very little about
activemq. The release notes for 5.2 suggest that ldap authorization is
working.
I want to use the http servlet and REST interface. But processes must
authenticate before being able to send or receive. I need to
authenticate with ldap.
There is surprisingly little detail on the website about how to
configure ldap authentication. Not much in the mailing list archive either.
I really need an explicit example of how to set it up. I don't even know
where exactly to specify the ldapAuthorizationMap information.
Here's what I did:
1. unpack the 5.2 snapshot
2. edit conf/activemq.xml
3. Add a plugins section in the only broker section I see in the
provided activemq.xml file (this is probably why its not working)
it looks like:
<broker xmlns="http://activemq.apache.org/schema/core";
brokerName="localhost" dataDirectory="${activemq.base}/data">
<plugins>
<authorizationPlugin>
<map>
<ldapAuthorizationMap>
<options>
<property name="initialContextFactory"
value="com.sun.jndi.ldap.LdapCtxFactory"/>
<property name="connectionURL"
value="ldap://redacted"/>
<property name="authentication"
value="simple"/>
<property name="connectionUsername"
value="redacted"/>
<property name="connectionPassword"
value="redacted"/>
<property name="connectionProtocol"
value="s"/>
<property name="topicSearchMatching"
value="uid={0},ou=topics,ou=destinations,o=ActiveMQ,redacted"/>
<property name="topicSearchSubtree"
value="true"/>
<property name="queueSearchMatching"
value="uid={0},ou=queues,ou=destinations,o=ActiveMQ,redacted"/>
<property name="queueSearchSubtree"
value="true"/>
<property name="adminBase"
value="(cn=admin)"/>
<property name="adminAttribute"
value="uniqueMember"/>
<property name="readBase"
value="(cn=read)"/>
<property name="readAttribute"
value="uniqueMember"/>
<property name="writeBase"
value="(cn=write)"/>
<property name="writeAttribute"
value="uniqueMember"/>
</options>
</ldapAuthorizationMap>
</map>
</authorizationPlugin>
</plugins>
4. on startup I get this stack trace:
ERROR: java.lang.RuntimeException: Failed to execute start task.
Reason: org.springframework.beans.factory.BeanDefinitionStoreException:
Unrecognized xbean element mapping: ldapAuthorizationMap in namespace
http://activemq.apache.org/schema/core
java.lang.RuntimeException: Failed to execute start task.
Reason: org.springframework.beans.factory.BeanDefinitionStoreException:
Unrecognized xbean element mapping: ldapAuthorizationMap in namespace
http://activemq.apache.org/schema/core
at
org.apache.activemq.console.command.StartCommand.runTask(StartCommand.java:99)
at
org.apache.activemq.console.command.AbstractCommand.execute(AbstractCommand.java:51)
at
org.apache.activemq.console.command.ShellCommand.runTask(ShellCommand.java:104)
at
org.apache.activemq.console.command.AbstractCommand.execute(AbstractCommand.java:51)
at
org.apache.activemq.console.command.ShellCommand.main(ShellCommand.java:76)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native
Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
Perhaps I need to install another jar?
http://activemq.apache.org/initial-configuration.html
doesn't say anything about additional JAAS jars or ldap..
I'm sorry if this is a faq. I know nothing about spring, and little
about java.
the example/conf/activemq.xml file is even simpler than the
conf/activemq.xml file, so there's nothing there that's helpful.
I see mentions of needing a Jaas config, but I just can't seem to tie
together all the steps needed to make it work.
Does anyone have a complete example of how to get ldap authentication to
work?
Thanks
--
Brad Clements, [EMAIL PROTECTED] (315)268-1000
http://www.murkworks.com
AOL-IM: BKClements
