Hi Sumit, I can't see the image, can you upload it somewhere and share the link?
Regards, Domenico Il giorno gio 11 giu 2020 alle ore 09:38 Sumit Bhardwaj < sumit.bhard...@gmail.com> ha scritto: > Yes I already added that jar, but maybe I am missing something. Its > showing me following when I login to http://localhost:8161/ > > Any pointer for this? > > Best > Sumit > > > [image: image.png] > > On Thu, Jun 11, 2020 at 1:04 PM Domenico Francesco Bruscino < > bruscin...@gmail.com> wrote: > >> Hi Sumit, >> >> it will work with encrypted password as well but you need to add the >> artifact org.eclipse.jetty:jetty-jaas:jar to the >> `apache-activemq/lib/web/" >> folder, ie >> >> https://repo1.maven.org/maven2/org/eclipse/jetty/jetty-jaas/9.4.27.v20200227/jetty-jaas-9.4.27.v20200227.jar >> >> Regards, >> Domenico >> >> >> Il giorno gio 11 giu 2020 alle ore 07:43 Sumit Bhardwaj < >> sumit.bhard...@gmail.com> ha scritto: >> >> > Thank Domenico, I will try this. This will work with encrypted >> passwords as >> > well right? >> > >> > Best >> > Sumit >> > >> > On Thu, Jun 11, 2020 at 1:58 AM Domenico Francesco Bruscino < >> > bruscin...@gmail.com> wrote: >> > >> > > Hi Sumit, >> > > >> > > to use the same JAAS Authentication Plugin for the web console, you >> can >> > > execute the following additional steps: >> > > >> > > 1) Replace the `securityLoginService` in jetty.xml: >> > > <bean id="securityLoginService" >> > > class="org.eclipse.jetty.jaas.JAASLoginService"> >> > > <property name="name" value="ActiveMQRealm" /> >> > > <property name="loginModuleName" value="activemq" /> >> > > <property name="roleClassNames"> >> > > <list> >> > > <value>org.apache.activemq.jaas.GroupPrincipal</value> >> > > </list> >> > > </property> >> > > </bean> >> > > >> > > 2) Replace the roles of the `securityConstraint` and >> > > `adminSecurityConstraint` beans in jetty.xml to match the roles >> defined >> > > in groups.properties: >> > > <bean id="securityConstraint" >> > > class="org.eclipse.jetty.util.security.Constraint"> >> > > <property name="name" value="BASIC" /> >> > > <property name="roles" value="user,*admins*" /> >> > > <!-- set authenticate=false to disable login --> >> > > <property name="authenticate" value="true" /> >> > > </bean> >> > > <bean id="adminSecurityConstraint" >> > > class="org.eclipse.jetty.util.security.Constraint"> >> > > <property name="name" value="BASIC" /> >> > > <property name="roles" value="*admins*" /> >> > > <!-- set authenticate=false to disable login --> >> > > <property name="authenticate" value="true" /> >> > > </bean> >> > > >> > > 3) Set the IdentityService of the `securityHandler` bean jetty.xml: >> > > <property name="identityService"> >> > > <bean >> class="org.eclipse.jetty.security.DefaultIdentityService" >> > /> >> > > </property> >> > > >> > > Regards, >> > > Domenico >> > > >> > > Il giorno mer 10 giu 2020 alle ore 19:52 Sumit Bhardwaj < >> > > sumit.bhard...@gmail.com> ha scritto: >> > > >> > > > Thanks a lot Dominico! >> > > > >> > > > I have one more question, can we use JAASAuthenticationPlugin for >> web >> > > > console users as well? >> > > > >> > > > Best >> > > > Sumit >> > > > >> > > > On Wed, Jun 10, 2020 at 1:19 AM Domenico Francesco Bruscino < >> > > > bruscin...@gmail.com> wrote: >> > > > >> > > > > Hi Sumit, >> > > > > >> > > > > to get a working demo of JAAS Authentication Plugin with encrypted >> > > > > passwords, you can execute the following steps: >> > > > > >> > > > > 1) Create a new broker instance: >> > > > > $ ./bin/activemq create broker >> > > > > >> > > > > 2) Add the JAAS Authentication Plugin to activemq.xml: >> > > > > <plugins> >> > > > > <jaasAuthenticationPlugin configuration="activemq"/> >> > > > > >> > > > > 3) Replace the admin password with an encrypted password in >> > > > > users.properties, ie the the encrypted password `manager`: >> > > > > admin=ENC(mYRkg+4Q4hua1kvpCCI2hg==) >> > > > > >> > > > > 4) Enable decrypt in login.config: >> > > > > activemq { >> > > > > org.apache.activemq.jaas.PropertiesLoginModule required >> > > > > decrypt=true >> > > > > >> org.apache.activemq.jaas.properties.user="users.properties" >> > > > > >> > org.apache.activemq.jaas.properties.group="groups.properties"; >> > > > > }; >> > > > > >> > > > > 5) Export the ACTIVEMQ_ENCRYPTION_PASSWORD environment variable: >> > > > > $ export ACTIVEMQ_ENCRYPTION_PASSWORD=activemq >> > > > > >> > > > > 6) Start the broker: >> > > > > $ ./broker/bin/broker start >> > > > > >> > > > > 7) Start the producer: >> > > > > $ ./bin/activemq producer --user admin --password manager >> > > --messageCount >> > > > 1 >> > > > > >> > > > > Regards, >> > > > > Domenico >> > > > > >> > > > > Il giorno mar 9 giu 2020 alle ore 19:09 Sumit Bhardwaj < >> > > > > sumit.bhard...@gmail.com> ha scritto: >> > > > > >> > > > > > Hi, >> > > > > > >> > > > > > We are trying to use JAAS Authentication plugin for ActiveMQ. We >> > have >> > > > > been >> > > > > > able to use it with plain text passwords in the >> users.properties. >> > > > > > >> > > > > > We are not able to figure out how to use the encrypted >> passwords in >> > > > > > users.properties with JAAS Authentication Plugin. >> > > > > > >> > > > > > Are there any examples to achieve this? >> > > > > > >> > > > > > Thanks in advance. >> > > > > > >> > > > > > Best >> > > > > > Sumit >> > > > > > >> > > > > >> > > > >> > > >> > >> >
