Reputation: 3186
I'm new to ActiveMQ so please bear with me if my question seem dumb :D
I have installed activemq on a CentOS machine and I'm connecting to it for writing to the qeueue and consuming from the queue through the admin user (which I dont think its the ideal way). I'm wondering if I can create a user for read only to read (consume) from the queue and another user for write only or just a single user who has read/write privileges only so this user wont be able to delete the queue or do anything that its not supposed to do.
I tried youtube and checked out activemq security documentation which talks about simple plugin and tried it but I'm not sure if I'm doing the right thing or reading the right resource?
Thanks in advance!
Upvotes: 4
Views: 2694
Reputation: 574
ActiveMQ works on different login and authorization modules , by default it picks up the PropertyLoginModule in the karaf realm. This is the admin user you are talking about. /etc/users.properties file contains these users and groups.
For Authorization you have plugins in the activemq.xml which can provide fine grained control on the Queues , Topics , Advisories and temporary queues.
The idea is to group users and provide them with read / write /admin access to Queues , you can specify all the queues your application has one by one , group them with wildchars ( as per AMQ doc ).
You can edit the users.properties file and add a few more users and tie up these users in authentication and authorization sections.
Also there are LDAP and SSL modules available for authorization and authentication.
Upvotes: 1