我是activemq的新手。我已下载最新的activemq 5.8并运行服务器。我已使用以下代码创建了队列并发送示例消息:
// URL of the JMS server. DEFAULT_BROKER_URL will just mean
// that JMS server is on localhost
private static String url = ActiveMQConnection.DEFAULT_BROKER_URL;
// Name of the queue we will be sending messages to
private static String subject = "TESTQUEUE";
public static void main(String[] args) throws JMSException {
// Getting JMS connection from the server and starting it
ConnectionFactory connectionFactory =
new ActiveMQConnectionFactory(url);
Connection connection = connectionFactory.createConnection();
connection.start();
// JMS messages are sent and received using a Session. We will
// create here a non-transactional session object. If you want
// to use transactions you should set the first parameter to 'true'
Session session = connection.createSession(false,
Session.AUTO_ACKNOWLEDGE);
// Destination represents here our queue 'TESTQUEUE' on the
// JMS server. You don't have to do anything special on the
// server to create it, it will be created automatically.
Destination destination = session.createQueue(subject);
// MessageProducer is used for sending messages (as opposed
// to MessageConsumer which is used for receiving them)
MessageProducer producer = session.createProducer(destination);
// We will send a small text message saying 'Hello' in Japanese
TextMessage message = session.createTextMessage("こんにちは");
// Here we are sending the message!
producer.send(message);
System.out.println("Sent message '" + message.getText() + "'");
connection.close();
}
我已经运行了上面的代码和队列成功创建。现在我想在activemq server中限制用户访问。我更改了createConnnection方法,如下所示
Connection connection = connectionFactory.createConnection("test","test");
现在,如果我运行已更改的代码消息成功发送到队列。但是,即使建立连接,测试用户也不在activemq中。如何限制此用户?
<authorizationPlugin>
<map>
<authorizationMap>
<authorizationEntries>
<authorizationEntry queue=">" read="admins" write="admins" admin="admins" />
<authorizationEntry queue="USERS.>" read="users" write="users" admin="users" />
<authorizationEntry queue="GUEST.>" read="guests" write="guests,users" admin="guests,users" />
<authorizationEntry queue="TEST.Q" read="guests" write="guests" />
<authorizationEntry topic=">" read="admins" write="admins" admin="admins" />
<authorizationEntry topic="USERS.>" read="users" write="users" admin="users" />
<authorizationEntry topic="GUEST.>" read="guests" write="guests,users" admin="guests,users" />
<authorizationEntry topic="ActiveMQ.Advisory.>" read="guests,users" write="guests,users" admin="guests,users"/>
</authorizationEntries>
</authorizationMap>
</map>
</authorizationPlugin>
</plugins>
在上面的文件中是activemq.xml。现在我只想访问某些用户的队列。
如何限制actviemq中的用户?我需要在activemq.xml文件上面进行哪些更改?
答案 0 :(得分:0)
请参阅ActiveMQ doc:http://activemq.apache.org/security.html
在activemq.xml中:
在“目标”部分中定义要创建的队列。 您可以通过在“用户”部分中定义组来控制权限。 在“authorizationEntries”部分中,您可以定义允许读取,写入和管理队列的组。
activemq.xml的Framgent:
<destinations>
<queue physicalName="DEMOQUEUE01" />
<queue physicalName="DEMOQUEUE02" />
<queue physicalName="DEMOQUEUE03" />
</destinations>
<plugins>
<simpleAuthenticationPlugin anonymousAccessAllowed="false">
<users>
<authenticationUser username="admin" password="admin" groups="usuarios,users,admins"/>
<authenticationUser username="system" password="manager" groups="usuarios,users,admins"/>
<authenticationUser username="youruser1" password="password123" groups="GROUP01,DEMOGROUP"/>
<authenticationUser username="youruser2" password="password456" groups="GROUP01,OTHERGROUP"/>
</users>
</simpleAuthenticationPlugin>
<authorizationPlugin>
<map>
<authorizationMap>
<authorizationEntries>
<authorizationEntry queue = "DEMOQUEUE01" read="admins,GROUP01" write="admins,GROUP01" admin="admins"/>
<authorizationEntry queue = "DEMOQUEUE02" read="admins,DEMOGROUP" write="admins" admin="admins"/>
<authorizationEntry queue = "DEMOQUEUE03" read="admins,OTHERGROUP" write="admins,OTHERGROUP" admin="admins"/>
<authorizationEntry queue=">" read="admins" write="admins" admin="admins" />
<authorizationEntry topic=">" read="usuarios,admins,GROUP01" write="usuarios,admins,GROUP01" admin="usuarios" />
</authorizationEntries>
</authorizationMap>
</map>
</authorizationPlugin>
</plugins>