加密密码在activemq中不起作用

时间:2016-10-19 15:03:10

标签: encryption activemq

我正在尝试加密用于建立和连接到activemq队列的密码。我正在跟进HERE步骤,我可以使用新的activemq-security.xml文件启动activemq。我有一个脚本,它试图创建并连接到队列,但我不断收到用户名或密码无效的错误。

我为消费者用户加密了密码,并将加密的密码存储在credentials-enc.properties文件中,如:

consumer.password=ENC(awknernfjewnwk)

我尝试了不同的东西,我确信凭借某些原因没有获取凭证--enc.properties,这里是如何定义的:

        <beans
          xmlns="http://www.springframework.org/schema/beans"
          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
          xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
          http://activemq.apache.org/schema/core http://activemq.apache.org/schema/core/activemq-core.xsd">

        <bean id="environmentVariablesConfiguration" class="org.jasypt.encryption.pbe.config.EnvironmentStringPBEConfig">
          <property name="algorithm" value="PBEWithMD5AndDES" />
          <property name="passwordEnvName" value="ACTIVEMQ_ENCRYPTION_PASSWORD" />
        </bean>

        <bean id="configurationEncryptor" class="org.jasypt.encryption.pbe.StandardPBEStringEncryptor">
          <property name="config" ref="environmentVariablesConfiguration" />
        </bean>

        <bean id="propertyConfigurer" class="org.jasypt.spring31.properties.EncryptablePropertyPlaceholderConfigurer">
          <constructor-arg ref="configurationEncryptor" />
          <property name="location" value="file:${activemq.base}/conf/credentials-enc.properties"/>
        </bean>

   <!-- Allows accessing the server log -->
    <bean id="logQuery" class="io.fabric8.insight.log.log4j.Log4jLogQuery"
          lazy-init="false" scope="singleton"
          init-method="start" destroy-method="stop">
    </bean>

    <!--
        The <broker> element is used to configure the ActiveMQ broker.
    -->
    <broker xmlns="http://activemq.apache.org/schema/core" brokerName="localhost" advisorySupport="false" dataDirectory="${activemq.data}">
        <plugins>
             <simpleAuthenticationPlugin>
                    <users>
                        <authenticationUser username="admin" password="admin"
                            groups="admins"/>
                        <authenticationUser username="consumer" password="$(consumer.password)"
                            groups="readers"/>
                        <authenticationUser username="producer" password="$(producer.password)"
                            groups="writers"/>
                    </users>
                </simpleAuthenticationPlugin>
              <authorizationPlugin>
               <map>
                <authorizationMap>
                   <authorizationEntries>
                     <authorizationEntry queue=">" read="readers" write="admins" admin="admins" />
                     <authorizationEntry queue="CLIMATE" read="readers" write="writers" admin="admins" />
                     <authorizationEntry topic=">" read="admins,readers" write="admins,writers" admin="admins" />
                   </authorizationEntries>
                   <tempDestinationAuthorizationEntry>
                     <tempDestinationAuthorizationEntry read="admins" write="admins" admin="admins"/>
                   </tempDestinationAuthorizationEntry>
                </authorizationMap>
              </map>
           </authorizationPlugin>
          </plugins>
        <destinationPolicy>
            <policyMap>
              <policyEntries>
                <policyEntry topic=">" >
                    <!-- The constantPendingMessageLimitStrategy is used to prevent
                         slow topic consumers to block producers and affect other consumers
                         by limiting the number of messages that are retained
                         For more information, see:

                         http://activemq.apache.org/slow-consumer-handling.html

                    -->
                  <pendingMessageLimitStrategy>
                    <constantPendingMessageLimitStrategy limit="1000"/>
                  </pendingMessageLimitStrategy>
                </policyEntry>
              </policyEntries>
            </policyMap>
        </destinationPolicy>

下面是我收到的错误日志的图片: enter image description here

配置传输连接器

<transportConnectors>
    <!-- DOS protection, limit concurrent connections to 1000 and frame size to 100MB -->
    <transportConnector name="openwire" uri="tcp://0.0.0.0:61617?maximumConnections=1000&amp;wireFormat.maxFrameSize=104857600"/>
    <transportConnector name="amqp" uri="amqp://0.0.0.0:5672?maximumConnections=1000&amp;wireFormat.maxFrameSize=104857600"/>
    <transportConnector name="stomp" uri="stomp://0.0.0.0:61613?maximumConnections=1000&amp;wireFormat.maxFrameSize=104857600"/>
    <transportConnector name="mqtt" uri="mqtt://0.0.0.0:1883?maximumConnections=1000&amp;wireFormat.maxFrameSize=104857600"/>
    <transportConnector name="ws" uri="ws://0.0.0.0:61614?maximumConnections=1000&amp;wireFormat.maxFrameSize=104857600"/>
</transportConnectors>

任何想法可能是什么原因?

提前致谢!

1 个答案:

答案 0 :(得分:1)

事实上,问题非常简单,你使用变量 $(producer.password),但是错了,你需要 $ {producer.password} !! < / p>

就是这样。

请注意,必须创建队列“CLIMATE”,因为用户“consumer”不在admins组中且无法创建它。

相关问题
最新问题