Reputation: 2009
ActiveMQ: adding users and console access
With reference to the ActiveMQ security documentation at http://activemq.apache.org/security.html, I'm trying to add a new user to my ActiveMQ configuration. This user should only be able to see a subset of the available queues.
I have done the following:
1) Added an entry in users.properties:
myuser=mypassword
2) Added an entry in groups.properties:
publishers=admin,myuser
consumers=admin,myuser
3) Added an entry to activemq.xml, in the plugins element of the broker element:
<authorizationPlugin>
<map>
<authorizationMap>
<authorizationEntries>
<authorizationEntry queue=">" read="admins" write="admins" admin="admins" />
<authorizationEntry queue="MYQUEUEPREFIX.>" read="consumers" write="publishers" admin="admins" />
</authorizationEntries>
</authorizationMap>
</map>
</authorizationPlugin>
When I restart ActiveMQ and access the admin console at myServerURL:8161/admin, I enter the newly created username and password (myuser/mypassword) in the supplied "Authentication required" box but it doesn't give me access to the console. The only way I can get in is by using the already-defined "admin" user.
Upvotes: 2
Views: 15171
Answers (1)
Reputation: 2009
There is a difference between getting access to ActiveMQ queues via the broker and accessing the ActiveMQ web console. One has to modify the conf/jetty-realm.properties file in order to grant access to the latter.
Upvotes: 5
Related Questions
- ActiveMQ console not available
- Setting Up ActiveMQ
- ActiveMQ web console isn't working
- adding the admin user to access the activemq queues
- how to set read/write permissions on ActiveMQ?
- Configuring authorization for activemq
- activemq User is not authorized to create: topic://ActiveMQ.Advisory.Connection
- Read-only web console access in ActiveMQ
- How to build an ActiveMQ client application?
- ActiveMQ startup guide