Your problem is indeed related to authorization. Your user is able to login but does not have permission (i.e. is not authorized) to create a durable queue. As with your previous question, the documentation should provide the help you need. The link I provided previously [1] should have the information you're after.
Justin [1] http://activemq.apache.org/artemis/docs/1.3.0/security.html (see the "Role based security for addresses" section) ----- Original Message ----- From: "anton.mithun" <mithunantonru...@gmail.com> To: users@activemq.apache.org Sent: Wednesday, November 23, 2016 9:59:38 AM Subject: User privileges exception thrown from jaas / Authorization plugin format for jaas- artemis I tried to implement a custom JAAS authentication module with apache-artemis-1.3.0. In bootstrap.xml, <jaas-security domain="CustomLogin"/> In login.config, CustomLogin { com.activemq.core.CustomLoginModule Sufficient core.url="http://localhost:8080/jaas";; }; Call flow seems to get executed properly. LoginModule.login() is called and returns true as in a normal case. But I get a javax.jms.JMSSecurityException error saying "AMQ119032: User: amq does not have permission='CREATE_DURABLE_QUEUE' on address jms.queue.TestQueue" I looked up in the internet, and found some posts regarding same sort of issue in activemq/apollo. In activemq these sort of issues might require us to provide a authorization so that user gets read/write/connect/create permissions. <plugins> <jaasAuthenticationPlugin configuration="activemq-domain" /> <authorizationPlugin> <map> <authorizationMap> <authorizationEntries> <authorizationEntry queue="foobarQueue" write="foobarGroup" read="foobarGroup" admin="foobarGroup" /> </authorizationEntries> </authorizationMap> </map> </authorizationPlugin> </plugins> In apollo, <access_rule allow="users" action="connect create destroy send receive consume"/> and put the following line of code in LoginModule.login() principals.add(new GroupPrincipal("users")); But I cant find a way to sort it out in artemis. <plugin> tag doesnt work in artemis I beleive. I dont even know if its about authorization issue to be honest. But no error/exception is thrown from CustomLoginModule class. What might be the cause for this JMSSecurityException? if its regarding authorization, what is authorization plugin format in artemis? Any insight into this is much appreciated. -- View this message in context: http://activemq.2283324.n4.nabble.com/User-privileges-exception-thrown-from-jaas-Authorization-plugin-format-for-jaas-artemis-tp4719410.html Sent from the ActiveMQ - User mailing list archive at Nabble.com.
