Hi, the default properties login module uses two files (users and groups), so I guess that's why you are getting this exception. Try following the example shown on the security page
http://activemq.apache.org/security.html#Security-Authentication Regards -- Dejan Bosanac Open Source Integration - http://fusesource.com/ ActiveMQ in Action - http://www.manning.com/snyder/ Blog - http://www.nighttale.net On Mon, Jan 5, 2009 at 3:41 PM, geezmo <m...@netmonic.com> wrote: > > No, not really. The tutorial I followed used this. With > org.apache.activemq.jaas.PropertiesLoginModule I had another error on > authenticating for the web console. Something with "User not in required > role." Maybe you know the reason for that. Do you have/know a working > tutorial for 5.2.0 with requirements: username+password for broker and web > console. > > cheer, > Manuel > > > Dejan Bosanac wrote: > > > > Is there any specific reason you are using > > org.mortbay.jetty.plus.jaas.spi.PropertyFileLoginModule > > instead of org.apache.activemq.jaas.PropertiesLoginModule? > > > > Cheers > > -- > > Dejan Bosanac > > > > Open Source Integration - http://fusesource.com/ > > ActiveMQ in Action - http://www.manning.com/snyder/ > > Blog - http://www.nighttale.net > > > > > > On Wed, Dec 31, 2008 at 2:54 PM, geezmo <m...@netmonic.com> wrote: > > > >> > >> Hello, > >> > >> I try to configure JAAS to secure my broker and web console. Therefore I > >> created login.config file with > >> > >> ActiveMQ { > >> org.mortbay.jetty.plus.jaas.spi.PropertyFileLoginModule required > >> debug="true" > >> file="/full/path/to/realm.properties"; > >> }; > >> > >> and my realm properties looks like > >> > >> system: manager,admins > >> > >> Further I added > >> > >> <plugins> > >> > >> <jaasAuthenticationPlugin > configuration="ActiveMQ" > >> /> > >> > >> <!-- lets configure a destination based > >> authorization mechanism --> > >> <authorizationPlugin> > >> <map> > >> <authorizationMap> > >> <authorizationEntries> > >> > >> <authorizationEntry > >> queue=">" read="admins" > >> > >> write="admins" admin="admins" /> > >> > >> > >> <authorizationEntry > >> topic=">" read="admins" > >> > >> write="admins" admin="admins" /> > >> </authorizationEntries> > >> > >> > >> <tempDestinationAuthorizationEntry> > >> > >> <tempDestinationAuthorizationEntry > >> > >> read="admins" write="admins" admin="admins" /> > >> > >> </tempDestinationAuthorizationEntry> > >> </authorizationMap> > >> </map> > >> </authorizationPlugin> > >> </plugins> > >> > >> to my broker. > >> > >> I already use my jaas config successfully to login to my web console > with > >> given credentials. But if I try to send a message to a queue I get the > >> following error: > >> > >> DEBUG TransportConnection - Setting up new connection: > >> /127.0.0.1:35604 > >> WARN TransportConnection - Failed to add Connection > >> java.lang.SecurityException: User name or password is invalid. > >> at > >> > >> > org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:83) > >> at > >> > org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:82) > >> at > >> > >> > org.apache.activemq.broker.MutableBrokerFilter.addConnection(MutableBrokerFilter.java:89) > >> at > >> > >> > org.apache.activemq.broker.TransportConnection.processAddConnection(TransportConnection.java:679) > >> at > >> > >> > org.apache.activemq.broker.jmx.ManagedTransportConnection.processAddConnection(ManagedTransportConnection.java:86) > >> at > >> > org.apache.activemq.command.ConnectionInfo.visit(ConnectionInfo.java:125) > >> at > >> > >> > org.apache.activemq.broker.TransportConnection.service(TransportConnection.java:305) > >> at > >> > >> > org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:179) > >> at > >> > >> > org.apache.activemq.transport.TransportFilter.onCommand(TransportFilter.java:68) > >> at > >> > >> > org.apache.activemq.transport.stomp.StompTransportFilter.sendToActiveMQ(StompTransportFilter.java:78) > >> at > >> > >> > org.apache.activemq.transport.stomp.ProtocolConverter.sendToActiveMQ(ProtocolConverter.java:135) > >> at > >> > >> > org.apache.activemq.transport.stomp.ProtocolConverter.onStompConnect(ProtocolConverter.java:475) > >> at > >> > >> > org.apache.activemq.transport.stomp.ProtocolConverter.onStompCommad(ProtocolConverter.java:187) > >> at > >> > >> > org.apache.activemq.transport.stomp.StompTransportFilter.onCommand(StompTransportFilter.java:67) > >> at > >> > >> > org.apache.activemq.transport.TransportSupport.doConsume(TransportSupport.java:84) > >> at > >> > org.apache.activemq.transport.tcp.TcpTransport.doRun(TcpTransport.java:203) > >> at > >> > org.apache.activemq.transport.tcp.TcpTransport.run(TcpTransport.java:185) > >> at java.lang.Thread.run(Thread.java:619) > >> Caused by: javax.security.auth.login.LoginException: Login Failure: all > >> modules ignored > >> at > >> javax.security.auth.login.LoginContext.invoke(LoginContext.java:921) > >> at > >> javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) > >> at > >> javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) > >> at java.security.AccessController.doPrivileged(Native Method) > >> at > >> javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) > >> at > >> javax.security.auth.login.LoginContext.login(LoginContext.java:579) > >> at > >> > >> > org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:76) > >> ... 17 more > >> DEBUG Service - Error occured while processing > >> sync > >> command: java.lang.SecurityException: User name or password is invalid. > >> java.lang.SecurityException: User name or password is invalid. > >> at > >> > >> > org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:83) > >> at > >> > org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:82) > >> at > >> > >> > org.apache.activemq.broker.MutableBrokerFilter.addConnection(MutableBrokerFilter.java:89) > >> at > >> > >> > org.apache.activemq.broker.TransportConnection.processAddConnection(TransportConnection.java:679) > >> at > >> > >> > org.apache.activemq.broker.jmx.ManagedTransportConnection.processAddConnection(ManagedTransportConnection.java:86) > >> at > >> > org.apache.activemq.command.ConnectionInfo.visit(ConnectionInfo.java:125) > >> at > >> > >> > org.apache.activemq.broker.TransportConnection.service(TransportConnection.java:305) > >> at > >> > >> > org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:179) > >> at > >> > >> > org.apache.activemq.transport.TransportFilter.onCommand(TransportFilter.java:68) > >> at > >> > >> > org.apache.activemq.transport.stomp.StompTransportFilter.sendToActiveMQ(StompTransportFilter.java:78) > >> at > >> > >> > org.apache.activemq.transport.stomp.ProtocolConverter.sendToActiveMQ(ProtocolConverter.java:135) > >> at > >> > >> > org.apache.activemq.transport.stomp.ProtocolConverter.onStompConnect(ProtocolConverter.java:475) > >> at > >> > >> > org.apache.activemq.transport.stomp.ProtocolConverter.onStompCommad(ProtocolConverter.java:187) > >> at > >> > >> > org.apache.activemq.transport.stomp.StompTransportFilter.onCommand(StompTransportFilter.java:67) > >> at > >> > >> > org.apache.activemq.transport.TransportSupport.doConsume(TransportSupport.java:84) > >> at > >> > org.apache.activemq.transport.tcp.TcpTransport.doRun(TcpTransport.java:203) > >> at > >> > org.apache.activemq.transport.tcp.TcpTransport.run(TcpTransport.java:185) > >> at java.lang.Thread.run(Thread.java:619) > >> Caused by: javax.security.auth.login.LoginException: Login Failure: all > >> modules ignored > >> at > >> javax.security.auth.login.LoginContext.invoke(LoginContext.java:921) > >> at > >> javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) > >> at > >> javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) > >> at java.security.AccessController.doPrivileged(Native Method) > >> at > >> javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) > >> at > >> javax.security.auth.login.LoginContext.login(LoginContext.java:579) > >> at > >> > >> > org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:76) > >> ... 17 more > >> DEBUG Transport - Transport failed: > >> java.io.IOException: User name or password is invalid. > >> java.io.IOException: User name or password is invalid. > >> at > >> > >> > org.apache.activemq.util.IOExceptionSupport.create(IOExceptionSupport.java:39) > >> at > >> > >> > org.apache.activemq.transport.stomp.ProtocolConverter$2.onResponse(ProtocolConverter.java:482) > >> at > >> > >> > org.apache.activemq.transport.stomp.ProtocolConverter.onActiveMQCommad(ProtocolConverter.java:551) > >> at > >> > >> > org.apache.activemq.transport.stomp.StompTransportFilter.oneway(StompTransportFilter.java:56) > >> at > >> > org.apache.activemq.transport.MutexTransport.oneway(MutexTransport.java:40) > >> at > >> > >> > org.apache.activemq.broker.TransportConnection.dispatch(TransportConnection.java:1207) > >> at > >> > >> > org.apache.activemq.broker.TransportConnection.processDispatch(TransportConnection.java:793) > >> at > >> > >> > org.apache.activemq.broker.TransportConnection.dispatchSync(TransportConnection.java:752) > >> at > >> > >> > org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:181) > >> at > >> > >> > org.apache.activemq.transport.TransportFilter.onCommand(TransportFilter.java:68) > >> at > >> > >> > org.apache.activemq.transport.stomp.StompTransportFilter.sendToActiveMQ(StompTransportFilter.java:78) > >> at > >> > >> > org.apache.activemq.transport.stomp.ProtocolConverter.sendToActiveMQ(ProtocolConverter.java:135) > >> at > >> > >> > org.apache.activemq.transport.stomp.ProtocolConverter.onStompConnect(ProtocolConverter.java:475) > >> at > >> > >> > org.apache.activemq.transport.stomp.ProtocolConverter.onStompCommad(ProtocolConverter.java:187) > >> at > >> > >> > org.apache.activemq.transport.stomp.StompTransportFilter.onCommand(StompTransportFilter.java:67) > >> at > >> > >> > org.apache.activemq.transport.TransportSupport.doConsume(TransportSupport.java:84) > >> at > >> > org.apache.activemq.transport.tcp.TcpTransport.doRun(TcpTransport.java:203) > >> at > >> > org.apache.activemq.transport.tcp.TcpTransport.run(TcpTransport.java:185) > >> at java.lang.Thread.run(Thread.java:619) > >> Caused by: java.lang.SecurityException: User name or password is > invalid. > >> at > >> > >> > org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:83) > >> at > >> > org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:82) > >> at > >> > >> > org.apache.activemq.broker.MutableBrokerFilter.addConnection(MutableBrokerFilter.java:89) > >> at > >> > >> > org.apache.activemq.broker.TransportConnection.processAddConnection(TransportConnection.java:679) > >> at > >> > >> > org.apache.activemq.broker.jmx.ManagedTransportConnection.processAddConnection(ManagedTransportConnection.java:86) > >> at > >> > org.apache.activemq.command.ConnectionInfo.visit(ConnectionInfo.java:125) > >> at > >> > >> > org.apache.activemq.broker.TransportConnection.service(TransportConnection.java:305) > >> at > >> > >> > org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:179) > >> ... 10 more > >> Caused by: javax.security.auth.login.LoginException: Login Failure: all > >> modules ignored > >> at > >> javax.security.auth.login.LoginContext.invoke(LoginContext.java:921) > >> at > >> javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) > >> at > >> javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) > >> at java.security.AccessController.doPrivileged(Native Method) > >> at > >> javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) > >> at > >> javax.security.auth.login.LoginContext.login(LoginContext.java:579) > >> at > >> > >> > org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:76) > >> ... 17 more > >> DEBUG TransportConnection - Stopping connection: / > >> 127.0.0.1:35604 > >> DEBUG TcpTransport - Stopping transport > >> tcp:///127.0.0.1:35604 > >> DEBUG TransportConnection - Stopped transport: > >> /127.0.0.1:35604 > >> DEBUG TransportConnection - Cleaning up connection resources: > >> /127.0.0.1:35604 > >> WARN Service - Failed to remove connection > >> ConnectionInfo {commandId = 0, responseRequired = true, connectionId = > >> ID:tank2-58514-1230731215437-2:0, clientId = > >> ID:tank2-58514-1230731215437-2:0, userName = system, password = manager, > >> brokerPath = null, brokerMasterConnector = false, manageable = false, > >> clientMaster = true} > >> java.lang.SecurityException: User is not authenticated. > >> at > >> > >> > org.apache.activemq.security.AuthorizationBroker.addDestination(AuthorizationBroker.java:52) > >> at > >> > >> > org.apache.activemq.broker.MutableBrokerFilter.addDestination(MutableBrokerFilter.java:149) > >> at > >> > org.apache.activemq.broker.region.RegionBroker.send(RegionBroker.java:417) > >> at > >> > >> > org.apache.activemq.broker.TransactionBroker.send(TransactionBroker.java:224) > >> at > >> > >> > org.apache.activemq.advisory.AdvisoryBroker.fireAdvisory(AdvisoryBroker.java:432) > >> at > >> > >> > org.apache.activemq.advisory.AdvisoryBroker.fireAdvisory(AdvisoryBroker.java:362) > >> at > >> > >> > org.apache.activemq.advisory.AdvisoryBroker.fireAdvisory(AdvisoryBroker.java:357) > >> at > >> > >> > org.apache.activemq.advisory.AdvisoryBroker.removeConnection(AdvisoryBroker.java:217) > >> at > >> > >> > org.apache.activemq.broker.BrokerFilter.removeConnection(BrokerFilter.java:110) > >> at > >> > >> > org.apache.activemq.broker.BrokerFilter.removeConnection(BrokerFilter.java:110) > >> at > >> > >> > org.apache.activemq.security.JaasAuthenticationBroker.removeConnection(JaasAuthenticationBroker.java:95) > >> at > >> > >> > org.apache.activemq.broker.BrokerFilter.removeConnection(BrokerFilter.java:110) > >> at > >> > >> > org.apache.activemq.broker.MutableBrokerFilter.removeConnection(MutableBrokerFilter.java:117) > >> at > >> > >> > org.apache.activemq.broker.TransportConnection.processRemoveConnection(TransportConnection.java:721) > >> at > >> > >> > org.apache.activemq.broker.TransportConnection.doStop(TransportConnection.java:1000) > >> at > >> > >> > org.apache.activemq.broker.jmx.ManagedTransportConnection.doStop(ManagedTransportConnection.java:74) > >> at > >> > >> > org.apache.activemq.broker.TransportConnection$3.run(TransportConnection.java:925) > >> DEBUG TransportConnection - Connection Stopped: / > >> 127.0.0.1:35604 > >> > >> > >> Hope somone can help me =) > >> > >> kind regards, > >> geezmo > >> -- > >> View this message in context: > >> http://www.nabble.com/5.2.0-JAAS-Problem-tp21231778p21231778.html > >> Sent from the ActiveMQ - User mailing list archive at Nabble.com. > >> > >> > > > > > > ----- > > Dejan Bosanac > > > > > > http://www.ttmsolutions.com - get a free ActiveMQ user guide > > > > ActiveMQ in Action - http://www.manning.com/snyder/ > > Scripting in Java - http://www.scriptinginjava.net > > > > -- > View this message in context: > http://www.nabble.com/5.2.0-JAAS-Problem-tp21231778p21292173.html > Sent from the ActiveMQ - User mailing list archive at Nabble.com. > >