ActiveMQ安全机制的介绍
安全机制一般包含验证(Authentication)和授权(Authorization)两部分。在ActiveMQ中,验证指通过访问者的用户名和密码实现用户身份的验证,授权指为消息目标(队列或主题)的读、写、管理指定具有相应权限的用户组,并为用户分配权限。ActiveMQ的安全机制基于插件实现。
ActiveMQ提供两种验证插件,分别是:
1)Simple authentication plugin-in;
2)JAAS(Java Authentication and Authorization Service)authentication plugin-in。
ActiveMQ提供一种授权插件:Authorization plugin-in。
一、简单的安全认证(使用SimpleAuthenticationPlugin)?
(1)设置证书文件,放用户名和密码:${activemq.conf}/credentials.properties?
activemq.username=system activemq.password=manager
<beans
xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://activemq.apache.org/schema/core
http://activemq.apache.org/schema/core/activemq-core.xsd">
? ? ?<!--加载属性配置文件-->
<bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
<property name="locations">
<value>file:${activemq.conf}/credentials.properties</value>
</property>
</bean>
<broker xmlns="http://activemq.apache.org/schema/core" brokerName="localhost" dataDirectory="${activemq.data}">
<!--在Broker中,配置插件-->
<plugins>
<simpleAuthenticationPlugin>
<users>
<authenticationUser username="${activemq.username}" password="${activemq.password}" groups="users,admins"/>
</users>
</simpleAuthenticationPlugin>
</plugins>
......
</broker>
</beans>
?@Bean
public PooledConnectionFactory PooledConnectionFactory(){
ActiveMQConnectionFactory connectionFactory = new ActiveMQConnectionFactory();
connectionFactory.setBrokerURL(MQ_URL);
connectionFactory.setUserName("system"); //用户名
connectionFactory.setPassword("manager"); //密码
PooledConnectionFactory PooledConnectionFactory = new PooledConnectionFactory();
PooledConnectionFactory.setConnectionFactory(connectionFactory);
return PooledConnectionFactory;
}
?原文:http://haoran-10.iteye.com/blog/2258898