Hi ,
I am somehow unable to enable authorization for active-mq broker.
i have added following users in users.properties:
admin=admin,admins
prodcon=prodcon,producers,consumers
activemq.xml has following tags;
<plugins>
<jaasAuthenticationPlugin configuration="karaf" />
<authorizationPlugin>
<map>
<authorizationMap
groupClass="org.apache.karaf.jaas.boot.principal.RolePrincipal">
<authorizationEntries>
<authorizationEntry queue=">"
read="admins"
write="admins"
admin="admins" />
<authorizationEntry queue="SCF.>"
read="consumers"
write="producers"
admin="admins" />
<authorizationEntry topic=">"
read="admins"
write="admins"
admin="admins" />
<authorizationEntry topic="SCF.>"
read="consumers"
write="producers"
admin="admins" />
<authorizationEntry topic="ActiveMQ.Advisory.>"
read="admins,consumers"
write="admins,producers"
admin="admins,consumers,producers" />
</authorizationEntries>
<tempDestinationAuthorizationEntry>
<tempDestinationAuthorizationEntry
read="consumers"
write="producers"
admin="admins"/>
</tempDestinationAuthorizationEntry>
</authorizationMap>
</map>
</authorizationPlugin>
</plugins>
then i use hawtio to log into activemq, using prodcon user but I am still
able to create queues and delete them.
Am i missing a trick here ?
Thanks for reading and your help.
I am somehow unable to enable authorization for active-mq broker.
i have added following users in users.properties:
admin=admin,admins
prodcon=prodcon,producers,consumers
activemq.xml has following tags;
<plugins>
<jaasAuthenticationPlugin configuration="karaf" />
<authorizationPlugin>
<map>
<authorizationMap
groupClass="org.apache.karaf.jaas.boot.principal.RolePrincipal">
<authorizationEntries>
<authorizationEntry queue=">"
read="admins"
write="admins"
admin="admins" />
<authorizationEntry queue="SCF.>"
read="consumers"
write="producers"
admin="admins" />
<authorizationEntry topic=">"
read="admins"
write="admins"
admin="admins" />
<authorizationEntry topic="SCF.>"
read="consumers"
write="producers"
admin="admins" />
<authorizationEntry topic="ActiveMQ.Advisory.>"
read="admins,consumers"
write="admins,producers"
admin="admins,consumers,producers" />
</authorizationEntries>
<tempDestinationAuthorizationEntry>
<tempDestinationAuthorizationEntry
read="consumers"
write="producers"
admin="admins"/>
</tempDestinationAuthorizationEntry>
</authorizationMap>
</map>
</authorizationPlugin>
</plugins>
then i use hawtio to log into activemq, using prodcon user but I am still
able to create queues and delete them.
Am i missing a trick here ?
Thanks for reading and your help.