activemq


Unable to define correct authorization rules… topic://ActiveMQ.Advisory.Producer.Queue.Q1


I am new to the ActiveMQ. I am trying to create two Queue Q1 and Q2, client1 and clients will write on the corresponding Qs. I am reading from the Queues as admin and it is running on the broker machine fine.
The issue is with producer side, they are reporting following error.
JMSSecurityException: User client1 is not authorized to create: topic://ActiveMQ.Advisory.Producer.Queue.Q1
Following is the way I defining the simple authorization in activemq file. Please find the attachment full activemq.xml.
Could anyone help in resolving this issue.... Much appreciarted
<plugins>
<!-- use JAAS to authenticate using the login.config file on the classpath to configure JAAS -->
<!-- <jaasAuthenticationPlugin configuration="activemq" /> -->
<simpleAuthenticationPlugin>
<users>
<authenticationUser username="admin" password="${admin.password}"
groups="admins"/>
<authenticationUser username="testuser1" password="${testuser1.password}"
groups="testusers1"/>
<authenticationUser username="blbuser" password="${blbuser.password}" groups="client1"/>
<authenticationUser username="bpmuser" password="${bpmuser.password}" groups="client2"/>
</users>
</simpleAuthenticationPlugin>
<!-- lets configure a destination based authorization mechanism -->
<authorizationPlugin>
<map>
<authorizationMap>
<authorizationEntries>
<authorizationEntry queue=">" read="admins" write="admins" admin="admins" />
<authorizationEntry queue="Q1" read="admins" write="client1" admin="admins" />
<authorizationEntry queue="Q2" read="admins" write="client2" admin="admins" />
<authorizationEntry topic="ActiveMQ.Advisory.>" read="admins,client1,client2" write="admins,client1,client2" admin="admins"/>
</authorizationEntries>
</authorizationMap>
</map>
</authorizationPlugin>
</plugins>
You configuration grants admin right only to those in the admin group however that prevents the client connection from creating the advisory topics since creation of a destination is considered an admin function. If you put the client groups into the admin role for the advisory bit then they should be able to create them, otherwise you will need to manually create all the needed advisory topics yourself before the clients start interacting with the broker.

Related Links

Is there a way to dump messages from an ActiveMQ queue and then reimport them?
ActiveMQ replicated levelDB with zookeeper, client must know all brokers?
Flush Messages in wildfly 10 (activemq) programatically
ActiveMQ - Update on Connect?
Programatically disable ActiveMQ message redelivery
How many message Id should I cache to avoid duplicate messages in ActiveMQ?
Unable to configure a distributed transaction involving ActiveMQ and embedded H2 with Atomikos
ActiveMQ network subscription issue
ActiveMQ Fail over issue with MySql DB
Active Mq : How to stop active mq from creating queue which doesnt exist
Cannot shutdown activeMQ gracefully after JMX port change
Why does a POST to an Apache ActiveMQ using the REST API add a linefeed to the end of the message?
Is it possible to have both kahaDB and memoryPersistenceAdapter for different queues in Activemq?
Is ActiveMQ really that bad in clustering?
Disable DLQ and re-delivery for ActivemMQ messages
activemq tuning for 20000 threads

Categories

HOME
jboss
artificial-intelligence
xcode8.1
jms
redmine
swi-prolog
operating-system
mousemove
compilation
message-queue
websocket
fogbugz
azure-mobile-services
share
roku
azure-graph-api
lc3
solution
sslhandshakeexception
pushdown-automaton
jpa-2.0
sql-injection
xbox360
vmware-workstation
cpu-usage
significance
home
spring-ldap
fido-u2f
firemonkey-style
jpa-2.1
beego
bonita
delayed-job
rspec-rails
microsoft-certifications
bean-validation
cordys-opentext
swfupload
netapp
coverage.py
dagger
httphandler
moinmoin
destroy
aws-kinesis-firehose
icecast
ol3-google-maps
skip-lists
palindrome
lvalue
gapi
okio
callouts
cdo.message
dojo-build
static-methods
simian
adjacency-list
mercurial-extension
trust
myfaces
stack-smash
android-studio-import
domino-designer-eclipse
android-handler
bootstrap-wysiwyg
flow-js
deque
sablecc
html-escape-characters
lifetime
n-tier-architecture
xcode6.3.1
aho-corasick
jini
incognito-mode
wso2bam
jms-serializer
lsa
django-settings
facebook-game-groups
vlab
coalesce
postgres-xc
sunstudio
statechart
jbox2d
multiple-dispatch
idispatch
type-safety
boost-foreach
filelock
startupscript
jquery-1.4
mongrel
aggregator
dm
3270
ning

Resources

Database Users
RDBMS discuss
Database Dev&Adm
javascript
java
csharp
php
android
javascript
java
csharp
php
python
android
jquery
ruby
ios
html
Mobile App
Mobile App
Mobile App