I think what is happening is that you haven't given everyone all access rights to the advisory topics. I get a similar stack trace when I don't do that. Add an ACL with the following "ActiveMQ.Advisory.>" and that should do the trick.
If you're interested, check out this AMQ security plugin. http://www.ttmsolutions.com/amqsec.php4 You can re-configure it on the fly, uses obfuscated passwords, and has a JMX MBean. Joe Carlos Quiroz wrote: > > Hi and thanks for your response > > Maybe I should add that the queue is in the startup set > <destinations> > <queue physicalName="myqueue" /> > </destinations> > > and that in the logs appears as it has been created > This worked fine in AMQ 5.0 > > Carlos > > > Dejan Bosanac wrote: >> >> Hi Carlos, >> >> it looks like you don't have "myqueue" created, so ActiveMQ tries to do >> that >> with supplied credentials. Try creating the queue manually if you don't >> want >> to use "admin" priviledges. >> >> Regards >> -- >> Dejan Bosanac >> www.scriptinginjava.net >> >> On Wed, May 14, 2008 at 1:55 PM, Carlos Quiroz < >> [EMAIL PROTECTED]> wrote: >> >>> >>> Hi >>> >>> I have been using AMQ 5.0 for a while and I have created my own >>> authentication plugin. When I switched to AMQ 5.1 my clients cannot >>> connect >>> anymore because somehow they are not authorized to create topics or >>> queues. >>> Apparently now when subscribing to a topic/queue you need to have admin >>> permission to do that. Is it so? >>> >>> My activemq.xml looks like: >>> >>> <broker xmlns="http://activemq.org/config/1.0"; >>> brokerName="broker" dataDirectory="${activemq.base}/data" >>> populateJMSXUserID="true" advisorySupport="true" >>> useJmx="true"> >>> >>> <plugins> >>> <bean name="MyLoginModule" >>> class="" >>> xmlns=""> >>> >>> <!-- lets configure a destination based >>> authorization mechanism --> >>> <authorizationPlugin> >>> <map> >>> <authorizationMap> >>> <authorizationEntries> >>> >>> <authorizationEntry >>> queue=">" read="admins" >>> >>> write="admins" admin="admins" /> >>> >>> <authorizationEntry >>> queue="myqueu" >>> >>> read="service" write="users" admin="admin" /> >>> .... >>> </map> >>> </authorizationPlugin> >>> </plugins> >>> >>> >>> >>> <destinations> >>> <queue physicalName="myqueue /> >>> </destinations> >>> >>> Upon connection I get the exception below but it works if I change the >>> admin >>> permision of the queue to admin="users" >>> >>> Any idea about this? Why was this change added to AMQ 5.1? Should the >>> configuration change? >>> >>> Regards >>> Carlos Quiroz >>> >>> >>> java.lang.SecurityException: User 181.175 is not authorized to create: >>> queue://myqueue >>> at >>> >>> org.apache.activemq.security.AuthorizationBroker.addDestination(AuthorizationBroker.java:65) >>> at >>> >>> org.apache.activemq.broker.MutableBrokerFilter.addDestination(MutableBrokerFilter.java:148) >>> at >>> org.apache.activemq.broker.region.RegionBroker.send(RegionBroker.java:443) >>> at >>> >>> org.apache.activemq.broker.TransactionBroker.send(TransactionBroker.java:224) >>> at >>> >>> org.apache.activemq.advisory.AdvisoryBroker.fireAdvisory(AdvisoryBroker.java:325) >>> at >>> >>> org.apache.activemq.advisory.AdvisoryBroker.fireAdvisory(AdvisoryBroker.java:268) >>> at >>> >>> org.apache.activemq.advisory.AdvisoryBroker.fireAdvisory(AdvisoryBroker.java:260) >>> at >>> >>> org.apache.activemq.advisory.AdvisoryBroker.addDestination(AdvisoryBroker.java:153) >>> at >>> >>> org.apache.activemq.broker.BrokerFilter.addDestination(BrokerFilter.java:141) >>> at >>> >>> org.apache.activemq.broker.BrokerFilter.addDestination(BrokerFilter.java:141) >>> at >>> >>> org.apache.activemq.broker.BrokerFilter.addDestination(BrokerFilter.java:141) >>> at >>> >>> org.apache.activemq.broker.BrokerFilter.addDestination(BrokerFilter.java:141) >>> at >>> >>> org.apache.activemq.security.AuthorizationBroker.addDestination(AuthorizationBroker.java:71) >>> at >>> >>> org.apache.activemq.broker.MutableBrokerFilter.addDestination(MutableBrokerFilter.java:148) >>> at >>> >>> org.apache.activemq.broker.region.AbstractRegion.lookup(AbstractRegion.java:385) >>> at >>> >>> org.apache.activemq.broker.region.AbstractRegion.addConsumer(AbstractRegion.java:219) >>> at >>> >>> org.apache.activemq.broker.region.TopicRegion.addConsumer(TopicRegion.java:108) >>> at >>> >>> org.apache.activemq.broker.region.RegionBroker.addConsumer(RegionBroker.java:401) >>> at >>> org.apache.activemq.broker.BrokerFilter.addConsumer(BrokerFilter.java:85) >>> at >>> >>> org.apache.activemq.advisory.AdvisoryBroker.addConsumer(AdvisoryBroker.java:83) >>> at >>> org.apache.activemq.broker.BrokerFilter.addConsumer(BrokerFilter.java:85) >>> at >>> org.apache.activemq.broker.BrokerFilter.addConsumer(BrokerFilter.java:85) >>> at >>> org.apache.activemq.broker.BrokerFilter.addConsumer(BrokerFilter.java:85) >>> at >>> org.apache.activemq.broker.BrokerFilter.addConsumer(BrokerFilter.java:85) >>> at >>> >>> org.apache.activemq.security.AuthorizationBroker.addConsumer(AuthorizationBroker.java:132) >>> at >>> >>> org.apache.activemq.broker.MutableBrokerFilter.addConsumer(MutableBrokerFilter.java:92) >>> at >>> >>> org.apache.activemq.broker.TransportConnection.processAddConsumer(TransportConnection.java:529) >>> at >>> org.apache.activemq.command.ConsumerInfo.visit(ConsumerInfo.java:345) >>> at >>> >>> org.apache.activemq.broker.TransportConnection.service(TransportConnection.java:293) >>> at >>> >>> org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:181) >>> at >>> >>> org.apache.activemq.transport.TransportFilter.onCommand(TransportFilter.java:68) >>> at >>> >>> org.apache.activemq.transport.stomp.StompTransportFilter.sendToActiveMQ(StompTransportFilter.java:80) >>> at >>> >>> org.apache.activemq.transport.stomp.ProtocolConverter.sendToActiveMQ(ProtocolConverter.java:134) >>> at >>> >>> org.apache.activemq.transport.stomp.ProtocolConverter.onStompSubscribe(ProtocolConverter.java:396) >>> at >>> >>> org.apache.activemq.transport.stomp.ProtocolConverter.onStompCommad(ProtocolConverter.java:182) >>> at >>> >>> org.apache.activemq.transport.stomp.StompTransportFilter.onCommand(StompTransportFilter.java:70) >>> at >>> >>> org.apache.activemq.transport.TransportSupport.doConsume(TransportSupport.java:84) >>> at >>> >>> org.apache.activemq.transport.tcp.TcpTransport.doRun(TcpTransport.java:196) >>> at >>> org.apache.activemq.transport.tcp.TcpTransport.run(TcpTransport.java:183) >>> at java.lang.Thread.run(Thread.java:619) >>> -- >>> View this message in context: >>> http://www.nabble.com/Authentication-problem-in-AMQ-5.1-tp17229324s2354p17229324.html >>> Sent from the ActiveMQ - User mailing list archive at Nabble.com. >>> >>> >> >> >> ----- >> Dejan Bosanac >> www.scriptinginjava.net >> > > -- View this message in context: http://www.nabble.com/Authentication-problem-in-AMQ-5.1-tp17229324s2354p17252734.html Sent from the ActiveMQ - User mailing list archive at Nabble.com.
