Hello, I try to configure JAAS to secure my broker and web console. Therefore I created login.config file with
ActiveMQ { org.mortbay.jetty.plus.jaas.spi.PropertyFileLoginModule required debug="true" file="/full/path/to/realm.properties"; }; and my realm properties looks like system: manager,admins Further I added <plugins> <jaasAuthenticationPlugin configuration="ActiveMQ" /> <!-- lets configure a destination based authorization mechanism --> <authorizationPlugin> <map> <authorizationMap> <authorizationEntries> <authorizationEntry queue=">" read="admins" write="admins" admin="admins" /> <authorizationEntry topic=">" read="admins" write="admins" admin="admins" /> </authorizationEntries> <tempDestinationAuthorizationEntry> <tempDestinationAuthorizationEntry read="admins" write="admins" admin="admins" /> </tempDestinationAuthorizationEntry> </authorizationMap> </map> </authorizationPlugin> </plugins> to my broker. I already use my jaas config successfully to login to my web console with given credentials. But if I try to send a message to a queue I get the following error: DEBUG TransportConnection - Setting up new connection: /127.0.0.1:35604 WARN TransportConnection - Failed to add Connection java.lang.SecurityException: User name or password is invalid. at org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:83) at org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:82) at org.apache.activemq.broker.MutableBrokerFilter.addConnection(MutableBrokerFilter.java:89) at org.apache.activemq.broker.TransportConnection.processAddConnection(TransportConnection.java:679) at org.apache.activemq.broker.jmx.ManagedTransportConnection.processAddConnection(ManagedTransportConnection.java:86) at org.apache.activemq.command.ConnectionInfo.visit(ConnectionInfo.java:125) at org.apache.activemq.broker.TransportConnection.service(TransportConnection.java:305) at org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:179) at org.apache.activemq.transport.TransportFilter.onCommand(TransportFilter.java:68) at org.apache.activemq.transport.stomp.StompTransportFilter.sendToActiveMQ(StompTransportFilter.java:78) at org.apache.activemq.transport.stomp.ProtocolConverter.sendToActiveMQ(ProtocolConverter.java:135) at org.apache.activemq.transport.stomp.ProtocolConverter.onStompConnect(ProtocolConverter.java:475) at org.apache.activemq.transport.stomp.ProtocolConverter.onStompCommad(ProtocolConverter.java:187) at org.apache.activemq.transport.stomp.StompTransportFilter.onCommand(StompTransportFilter.java:67) at org.apache.activemq.transport.TransportSupport.doConsume(TransportSupport.java:84) at org.apache.activemq.transport.tcp.TcpTransport.doRun(TcpTransport.java:203) at org.apache.activemq.transport.tcp.TcpTransport.run(TcpTransport.java:185) at java.lang.Thread.run(Thread.java:619) Caused by: javax.security.auth.login.LoginException: Login Failure: all modules ignored at javax.security.auth.login.LoginContext.invoke(LoginContext.java:921) at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) at javax.security.auth.login.LoginContext.login(LoginContext.java:579) at org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:76) ... 17 more DEBUG Service - Error occured while processing sync command: java.lang.SecurityException: User name or password is invalid. java.lang.SecurityException: User name or password is invalid. at org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:83) at org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:82) at org.apache.activemq.broker.MutableBrokerFilter.addConnection(MutableBrokerFilter.java:89) at org.apache.activemq.broker.TransportConnection.processAddConnection(TransportConnection.java:679) at org.apache.activemq.broker.jmx.ManagedTransportConnection.processAddConnection(ManagedTransportConnection.java:86) at org.apache.activemq.command.ConnectionInfo.visit(ConnectionInfo.java:125) at org.apache.activemq.broker.TransportConnection.service(TransportConnection.java:305) at org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:179) at org.apache.activemq.transport.TransportFilter.onCommand(TransportFilter.java:68) at org.apache.activemq.transport.stomp.StompTransportFilter.sendToActiveMQ(StompTransportFilter.java:78) at org.apache.activemq.transport.stomp.ProtocolConverter.sendToActiveMQ(ProtocolConverter.java:135) at org.apache.activemq.transport.stomp.ProtocolConverter.onStompConnect(ProtocolConverter.java:475) at org.apache.activemq.transport.stomp.ProtocolConverter.onStompCommad(ProtocolConverter.java:187) at org.apache.activemq.transport.stomp.StompTransportFilter.onCommand(StompTransportFilter.java:67) at org.apache.activemq.transport.TransportSupport.doConsume(TransportSupport.java:84) at org.apache.activemq.transport.tcp.TcpTransport.doRun(TcpTransport.java:203) at org.apache.activemq.transport.tcp.TcpTransport.run(TcpTransport.java:185) at java.lang.Thread.run(Thread.java:619) Caused by: javax.security.auth.login.LoginException: Login Failure: all modules ignored at javax.security.auth.login.LoginContext.invoke(LoginContext.java:921) at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) at javax.security.auth.login.LoginContext.login(LoginContext.java:579) at org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:76) ... 17 more DEBUG Transport - Transport failed: java.io.IOException: User name or password is invalid. java.io.IOException: User name or password is invalid. at org.apache.activemq.util.IOExceptionSupport.create(IOExceptionSupport.java:39) at org.apache.activemq.transport.stomp.ProtocolConverter$2.onResponse(ProtocolConverter.java:482) at org.apache.activemq.transport.stomp.ProtocolConverter.onActiveMQCommad(ProtocolConverter.java:551) at org.apache.activemq.transport.stomp.StompTransportFilter.oneway(StompTransportFilter.java:56) at org.apache.activemq.transport.MutexTransport.oneway(MutexTransport.java:40) at org.apache.activemq.broker.TransportConnection.dispatch(TransportConnection.java:1207) at org.apache.activemq.broker.TransportConnection.processDispatch(TransportConnection.java:793) at org.apache.activemq.broker.TransportConnection.dispatchSync(TransportConnection.java:752) at org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:181) at org.apache.activemq.transport.TransportFilter.onCommand(TransportFilter.java:68) at org.apache.activemq.transport.stomp.StompTransportFilter.sendToActiveMQ(StompTransportFilter.java:78) at org.apache.activemq.transport.stomp.ProtocolConverter.sendToActiveMQ(ProtocolConverter.java:135) at org.apache.activemq.transport.stomp.ProtocolConverter.onStompConnect(ProtocolConverter.java:475) at org.apache.activemq.transport.stomp.ProtocolConverter.onStompCommad(ProtocolConverter.java:187) at org.apache.activemq.transport.stomp.StompTransportFilter.onCommand(StompTransportFilter.java:67) at org.apache.activemq.transport.TransportSupport.doConsume(TransportSupport.java:84) at org.apache.activemq.transport.tcp.TcpTransport.doRun(TcpTransport.java:203) at org.apache.activemq.transport.tcp.TcpTransport.run(TcpTransport.java:185) at java.lang.Thread.run(Thread.java:619) Caused by: java.lang.SecurityException: User name or password is invalid. at org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:83) at org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:82) at org.apache.activemq.broker.MutableBrokerFilter.addConnection(MutableBrokerFilter.java:89) at org.apache.activemq.broker.TransportConnection.processAddConnection(TransportConnection.java:679) at org.apache.activemq.broker.jmx.ManagedTransportConnection.processAddConnection(ManagedTransportConnection.java:86) at org.apache.activemq.command.ConnectionInfo.visit(ConnectionInfo.java:125) at org.apache.activemq.broker.TransportConnection.service(TransportConnection.java:305) at org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:179) ... 10 more Caused by: javax.security.auth.login.LoginException: Login Failure: all modules ignored at javax.security.auth.login.LoginContext.invoke(LoginContext.java:921) at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) at javax.security.auth.login.LoginContext.login(LoginContext.java:579) at org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:76) ... 17 more DEBUG TransportConnection - Stopping connection: /127.0.0.1:35604 DEBUG TcpTransport - Stopping transport tcp:///127.0.0.1:35604 DEBUG TransportConnection - Stopped transport: /127.0.0.1:35604 DEBUG TransportConnection - Cleaning up connection resources: /127.0.0.1:35604 WARN Service - Failed to remove connection ConnectionInfo {commandId = 0, responseRequired = true, connectionId = ID:tank2-58514-1230731215437-2:0, clientId = ID:tank2-58514-1230731215437-2:0, userName = system, password = manager, brokerPath = null, brokerMasterConnector = false, manageable = false, clientMaster = true} java.lang.SecurityException: User is not authenticated. at org.apache.activemq.security.AuthorizationBroker.addDestination(AuthorizationBroker.java:52) at org.apache.activemq.broker.MutableBrokerFilter.addDestination(MutableBrokerFilter.java:149) at org.apache.activemq.broker.region.RegionBroker.send(RegionBroker.java:417) at org.apache.activemq.broker.TransactionBroker.send(TransactionBroker.java:224) at org.apache.activemq.advisory.AdvisoryBroker.fireAdvisory(AdvisoryBroker.java:432) at org.apache.activemq.advisory.AdvisoryBroker.fireAdvisory(AdvisoryBroker.java:362) at org.apache.activemq.advisory.AdvisoryBroker.fireAdvisory(AdvisoryBroker.java:357) at org.apache.activemq.advisory.AdvisoryBroker.removeConnection(AdvisoryBroker.java:217) at org.apache.activemq.broker.BrokerFilter.removeConnection(BrokerFilter.java:110) at org.apache.activemq.broker.BrokerFilter.removeConnection(BrokerFilter.java:110) at org.apache.activemq.security.JaasAuthenticationBroker.removeConnection(JaasAuthenticationBroker.java:95) at org.apache.activemq.broker.BrokerFilter.removeConnection(BrokerFilter.java:110) at org.apache.activemq.broker.MutableBrokerFilter.removeConnection(MutableBrokerFilter.java:117) at org.apache.activemq.broker.TransportConnection.processRemoveConnection(TransportConnection.java:721) at org.apache.activemq.broker.TransportConnection.doStop(TransportConnection.java:1000) at org.apache.activemq.broker.jmx.ManagedTransportConnection.doStop(ManagedTransportConnection.java:74) at org.apache.activemq.broker.TransportConnection$3.run(TransportConnection.java:925) DEBUG TransportConnection - Connection Stopped: /127.0.0.1:35604 Hope somone can help me =) kind regards, geezmo -- View this message in context: http://www.nabble.com/5.2.0-JAAS-Problem-tp21231778p21231778.html Sent from the ActiveMQ - User mailing list archive at Nabble.com.