Hi Ravindu- The ActiveMQ web console uses a separate JAAS realm in 5.x — you will need to modify the conf/jetty.xml and related realm files used by Jetty. (Jetty is the sub-component that provides the http:// services in ActiveMQ)
Thanks, Matt > On Dec 4, 2024, at 4:13 AM, Ravindu Wanasinghe > <[email protected]> wrote: > > HI Matt, > > We need to use this sldap authentication when logging to the activemq > console(GUI) from a browser. Could you please guide us which > files/configurations are used for the authentication in activemq console. > > Regards, > Ravindu. > > On Wed, 4 Dec 2024 at 04:14, Matt Pavlovich <[email protected] > <mailto:[email protected]>> wrote: >> Hi Ravindu- >> >> What is the exception message in the log? >> >> Note: LDAP/LDAPS support is provided by the Java JDK and not any additional >> 3rd party dependencies. >> >> Thanks, >> Matt >> >>> On Dec 3, 2024, at 8:50 AM, Ravindu Wanasinghe >>> <[email protected] <mailto:[email protected]>> >>> wrote: >>> >>> +MIT.MS <mailto:[email protected]> >>> >>> Hi justin, >>> >>> Thank you for your response. I have already updated the configuration in >>> conf/login.config as per your suggestion. I changed the connectionURL >>> parameter from: >>> >>> ldap://host:389 >>> >>> to: >>> >>> ldaps://host:636 >>> >>> However, this modification did not resolve the issue. Could there be other >>> configurations or dependencies I might need to check to ensure successful >>> communication over LDAPS? Any further guidance or troubleshooting steps >>> would be greatly appreciated. >>> >>> Thanks, >>> Ravindu. >>> >>> >>> >>> On Mon, 2 Dec 2024 at 23:53, Justin Bertram <[email protected] >>> <mailto:[email protected]>> wrote: >>>> > We are using LDAP for login to Active MQ. >>>> >>>> I assume that you're talking about authentication. In that case, the >>>> configuration for the LDAPLoginModule will be located in conf/login.config. >>>> It uses com.sun.jndi.ldap.LdapCtxFactory from the JDK to communicate with >>>> LDAP. I believe you simply need to change the value of the "connectionURL" >>>> parameter. Currently you're likely using something like: >>>> >>>> ldap://host:389 >>>> >>>> You can change that to something like this: >>>> >>>> ldaps://host:636 >>>> >>>> Further reading is here [1]. >>>> >>>> >>>> Justin >>>> >>>> [1] https://docs.oracle.com/javase/jndi/tutorial/ldap/misc/url.html >>>> >>>> On Mon, Dec 2, 2024 at 9:37 AM Ravindu Wanasinghe < >>>> [email protected] <mailto:[email protected]>> >>>> wrote: >>>> >>>> > +MIT.MS <http://mit.ms/> <[email protected] <mailto:[email protected]>> >>>> > >>>> > We are using LDAP for login to Active MQ. >>>> > >>>> > We have removed the existing LDAP configuration, and now we need to set >>>> > up >>>> > secure LDAP. >>>> > >>>> > Thanks, >>>> > Ravindu. >>>> > >>>> > >>>> > >>>> > On Mon, 2 Dec 2024 at 19:58, Justin Bertram <[email protected] >>>> > <mailto:[email protected]>> wrote: >>>> > >>>> > > By "Secure LDAP" do you mean LDAP over SSL? >>>> > > >>>> > > In what specific way do you want to "configure Secure LDAP for >>>> > > ActiveMQ"? >>>> > > LDAP typically holds name & role information for users who are >>>> > > connecting >>>> > > to the broker. The broker can integrate with LDAP to either >>>> > > authenticate >>>> > or >>>> > > authorize these users (or both). Do you want to configure either one of >>>> > > these functions? If so, which one? Please clarify. >>>> > > >>>> > > >>>> > > Justin >>>> > > >>>> > > On Mon, Dec 2, 2024 at 8:18 AM Ravindu Wanasinghe < >>>> > > [email protected] >>>> > > <mailto:[email protected]>> wrote: >>>> > > >>>> > > > Hi Justin, >>>> > > > >>>> > > > No, I want to configure Secure LDAP for ActiveMQ . >>>> > > > >>>> > > > Thanks, >>>> > > > Ravindu. >>>> > > > >>>> > > > On Mon, 2 Dec 2024 at 19:44, Justin Bertram <[email protected] >>>> > > > <mailto:[email protected]>> >>>> > wrote: >>>> > > > >>>> > > > > By "SLDAP" are you referring to LDAP over SSL? >>>> > > > > >>>> > > > > Are you wanting to configure authentication or authorization or >>>> > > > > both? >>>> > > > > >>>> > > > > >>>> > > > > Justin >>>> > > > > >>>> > > > > On Mon, Dec 2, 2024 at 2:42 AM Ravindu Wanasinghe < >>>> > > > > [email protected] >>>> > > > > <mailto:[email protected]>> wrote: >>>> > > > > >>>> > > > > > Hi Justin, >>>> > > > > > >>>> > > > > > We are using Classic ActiveMQ. >>>> > > > > > >>>> > > > > > Regards, >>>> > > > > > Ravindu Wanasinghe. >>>> > > > > > >>>> > > > > > On Wed, 27 Nov 2024 at 21:15, Justin Bertram >>>> > > > > > <[email protected] <mailto:[email protected]>> >>>> > > > > wrote: >>>> > > > > > >>>> > > > > > > Which ActiveMQ broker are you asking about? Classic or Artemis? >>>> > > > > > > >>>> > > > > > > >>>> > > > > > > Justin >>>> > > > > > > >>>> > > > > > > >>>> > > > > > > On Wed, Nov 27, 2024 at 5:12 AM Ravindu Wanasinghe < >>>> > > > > > > [email protected] >>>> > > > > > > <mailto:[email protected]>> wrote: >>>> > > > > > > >>>> > > > > > > > Hi Team, >>>> > > > > > > > >>>> > > > > > > > Requesting s support for config SLDAP for the ActiveMQ, >>>> > > > > > > > >>>> > > > > > > > 1.Is there a possibility to config SLDAP for the Activemq ? >>>> > > > > > > > 2.If yes, please send us a document or resources for >>>> > > > > > > > reference. >>>> > > > > > > > >>>> > > > > > > > Highly appreciate your support for this. >>>> > > > > > > > >>>> > > > > > > > Thanks, >>>> > > > > > > > Ravindu >>>> > > > > > > > >>>> > > > > > > > On Wed, 27 Nov 2024 at 16:28, Ravindu Wanasinghe < >>>> > > > > > > > [email protected] >>>> > > > > > > > <mailto:[email protected]>> wrote: >>>> > > > > > > > >>>> > > > > > > > > Hi Team, >>>> > > > > > > > > >>>> > > > > > > > > Requesting s support for config SLDAP for the ActiveMQ, >>>> > > > > > > > > >>>> > > > > > > > > 1.Is there a possibility to config SLDAP for the Activemq ? >>>> > > > > > > > > 2.If yes, please send us a document or resources for >>>> > reference. >>>> > > > > > > > > >>>> > > > > > > > > Highly appreciate your support for this. >>>> > > > > > > > > >>>> > > > > > > > > Thanks, >>>> > > > > > > > > Ravindu >>>> > > > > > > > > >>>> > > > > > > > >>>> > > > > > > >>>> > > > > > >>>> > > > > >>>> > > > >>>> > > >>>> > >>> >>> --------------------------------------------------------------------- >>> To unsubscribe, e-mail: [email protected] >>> <mailto:[email protected]> >>> For additional commands, e-mail: [email protected] >>> <mailto:[email protected]> >>> For further information, visit: https://activemq.apache.org/contact >>
