Reputation: 15876
javax.jms.JMSSecurityException: Unable to validate user: null
Environment:
Jboss 7.1.0 OS Windows
I am trying a simple test to try out JMS using Jboss with the built in HornetQ JMS provider. After a lot of playing around i managed to get a response with this configuration
final Properties env = new Properties();
env.put(Context.INITIAL_CONTEXT_FACTORY, "org.jboss.naming.remote.client.InitialContextFactory");
env.put(Context.PROVIDER_URL, "remote://localhost:4447");
env.put(Context.SECURITY_PRINCIPAL, "appuser2");
env.put(Context.SECURITY_CREDENTIALS, "s3cr3t");
The problem though is that when i run it i get the following error:
javax.jms.JMSSecurityException: Unable to validate user: null
at org.hornetq.core.protocol.core.impl.ChannelImpl.sendBlocking(ChannelImpl.java:286)
at org.hornetq.core.client.impl.ClientSessionFactoryImpl.createSessionInternal(ClientSessionFactoryImpl.java:695)
at org.hornetq.core.client.impl.ClientSessionFactoryImpl.createSession(ClientSessionFactoryImpl.java:264)
at org.hornetq.jms.client.HornetQConnection.authorize(HornetQConnection.java:589)
at org.hornetq.jms.client.HornetQConnectionFactory.createConnectionInternal(HornetQConnectionFactory.java:694)
at org.hornetq.jms.client.HornetQConnectionFactory.createConnection(HornetQConnectionFactory.java:121)
at org.hornetq.jms.client.HornetQConnectionFactory.createConnection(HornetQConnectionFactory.java:116)
at com.jms.client.ConsoleClient.runExample(ConsoleClient.java:51)
at com.jms.client.ConsoleClient.main(ConsoleClient.java:20)
Caused by: HornetQException[errorCode=105 message=Unable to validate user: null]
... 9 more
I have been looking around on Google and every example seems to point to how to configure the security settings with HornetQ as a standalone server. I cant figure out how to configure the user on Jboss and whether i even need to.
Any ideas?
Upvotes: 5
Views: 21882
Answers (7)
Reputation: 21
If someone is using JBoss EAP 7.2 version, then here is the solution.
If you don't want to disable the security by adding the tag <security enabled="false"/>, and wish to authenticate with username and password, then please follow the below steps.
- Whatever username (say, 'jmsuser') and password (say, 'pass') you have written in your code, that exact user ('jmsuser') needs to be created first in JBoss. Please use the add-user utility under bin folder and add the user as an application user and assign it to the "guest" role, when prompted.
After the above step, the username and the role details can be found in the application-role.properties and application-users.properties file \standalone\configuration path.
Restart the JBoss server.
Assuming you are using JMS 2.0 specification, then create the JMSContext like below.
JMSContext jmsCtx = connectionFactory.createContext("jmsuser", "pass");
- Run the code now and you will not face this error again.
Upvotes: 2
Reputation: 1577
If you are using WildFly 10+ (I use WildFly 18), you have to disable security by adding:
<security enabled="false"/>
in your standalone-full.xml (wildFly directory/standalone/configuration) inside of:
<subsystem xmlns="urn:jboss:domain:messaging-activemq:8.0">
and
<server name="default">
Something like that:
<subsystem xmlns="urn:jboss:domain:messaging-activemq:8.0">
<server name="default">
<!-- Disable security with the following row, otherwise of course it will give error without authentication in java -->
<security enabled="false"/>
<statistics enabled="${wildfly.messaging-activemq.statistics-enabled:${wildfly.statistics-enabled:false}}"/>
<security-setting name="#">
<role name="guest" send="true" consume="true" create-non-durable-queue="true" delete-non-durable-queue="true"/>
</security-setting>
<address-setting name="#" dead-letter-address="jms.queue.DLQ" expiry-address="jms.queue.ExpiryQueue" max-size-bytes="10485760" page-size-bytes="2097152" message-counter-history-day-limit="10"/>
<http-connector name="http-connector" socket-binding="http" endpoint="http-acceptor"/>
<http-connector name="http-connector-throughput" socket-binding="http" endpoint="http-acceptor-throughput">
<param name="batch-delay" value="50"/>
</http-connector>
<in-vm-connector name="in-vm" server-id="0">
<param name="buffer-pooling" value="false"/>
</in-vm-connector>
<http-acceptor name="http-acceptor" http-listener="default"/>
<http-acceptor name="http-acceptor-throughput" http-listener="default">
<param name="batch-delay" value="50"/>
<param name="direct-deliver" value="false"/>
</http-acceptor>
<in-vm-acceptor name="in-vm" server-id="0">
<param name="buffer-pooling" value="false"/>
</in-vm-acceptor>
<jms-queue name="ExpiryQueue" entries="java:/jms/queue/ExpiryQueue"/>
<jms-queue name="DLQ" entries="java:/jms/queue/DLQ"/>
<!-- Adding a new queue -->
<jms-queue name="ShippingQueue" entries="java:jboss/exported/jms/queue/ShippingQueue"/>
<connection-factory name="InVmConnectionFactory" entries="java:/ConnectionFactory" connectors="in-vm"/>
<connection-factory name="RemoteConnectionFactory" entries="java:jboss/exported/jms/RemoteConnectionFactory" connectors="http-connector"/>
<pooled-connection-factory name="activemq-ra" entries="java:/JmsXA java:jboss/DefaultJMSConnectionFactory" connectors="in-vm" transaction="xa"/>
</server>
</subsystem>Check on: https://developer.jboss.org/thread/271457
Upvotes: 1
Reputation: 847
Add the queue to jboss using from cli:
jms-topic add --topic-address=testTopic -–entries=topic/test,java:jboss/exported/jms/topic/test
Add the user as follows:
add-user.bat -a -u mquser -p mqpassword -g guest
Consumer paste the code in main method:
Properties properties = new Properties();
properties.put(Context.INITIAL_CONTEXT_FACTORY,"org.wildfly.naming.client.WildFlyInitialContextFactory");
properties.put(Context.PROVIDER_URL, "http-remoting://localhost:8080");
properties.put("jboss.naming.client.ejb.context", true);
properties.put("java.naming.security.principal", "mquser");
properties.put("java.naming.security.credentials", "mqpassword");
properties.put(Context.URL_PKG_PREFIXES, "org.jboss.ejb.client.naming");
QueueConnection cnn = null;
QueueSender sender = null;
QueueSession session = null;
InitialContext ctx = new InitialContext(properties);
Queue queue = (Queue) ctx.lookup("jms/queue/tests");
QueueConnectionFactory factory = (QueueConnectionFactory) ctx.lookup("jms/RemoteConnectionFactory");
cnn = factory.createQueueConnection("mquser", "mqpassword");
cnn.start();
session = cnn.createQueueSession(false, QueueSession.AUTO_ACKNOWLEDGE);
TextMessage msg = session.createTextMessage("Hello World");
sender = session.createSender(queue);
sender.send(msg);
System.out.println("Message sent successfully to remote queue.");
@MessageDriven(name = "ExampleMDB", activationConfig = {
@ActivationConfigProperty(propertyName = "destination", propertyValue = "testQueues"), @ActivationConfigProperty(propertyName = "destinationType", propertyValue = "javax.jms.Queue"),
@ActivationConfigProperty(propertyName = "acknowledgeMode", propertyValue = "Auto-acknowledge")
public class ExampleMDB implements MessageListener {
/**
* Default constructor.
*/
public ExampleMDB() {
// TODO Auto-generated constructor stub
}
@Override
public void onMessage(Message arg0) {
System.out.println("----------------");
try {
System.out.println("Received message" + ((TextMessage)arg0).getText());
} catch (JMSException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
System.out.println("----------------");
}
}
Upvotes: 0
Reputation: 547
Check your standalone-full.xml. If the configurations for role in urn:jboss:domain:messaging-activemq:1.0 look like this:
<security-setting name="#">
<role name="guest" send="true" consume="true" create-non-durable-queue="true" delete-non-durable-queue="true"/>
</security-setting>
Then, you have to:
- Create a guest user (make sure you set the role
guestto the user); - Set initial context as below:
Properties props = new Properties();
props.put(Context.PROVIDER_URL, "http-remoting://localhost:8080");
props.put(Context.INITIAL_CONTEXT_FACTORY, "org.jboss.naming.remote.client.InitialContextFactory");
props.put(Context.SECURITY_PRINCIPAL, "username");
props.put(Context.SECURITY_CREDENTIALS, "password");
InitialContext ctx = new InitialContext(props);
- Create context as below:
ConnectionFactory cf = (ConnectionFactory) ctx.lookup("jms/RemoteConnectionFactory");
Queue queue = (Queue) ctx.lookup("jms/queue/queueName");
JMSContext context = cf.createContext("username", "password");
Upvotes: 3
Reputation: 181
It seems that you create a QueueConnection with a username and password as following:
QueueConnection qcon = qconFactory.createQueueConnection("appuser2","s3cr3t");
If you don't do this you will get this error
Unable to validate user: null.
And if you do not want to use username and password, you can set security-enabled with value false as following:
<subsystem xmlns="urn:jboss:domain:messaging:1.1">
<hornetq-server>
<security-enabled>false</security-enabled>
......
</hornetq-server>
</subsystem>
Then you can create a QueueConnection without a username and password as following:
QueueConnection qcon = qconFactory.createQueueConnection();
Upvotes: 18
Reputation: 21
it worked for me. I just added following in standalone-full.xml:
<security-enabled>false</security-enabled>
Upvotes: 2
Reputation: 40
I agree with Sergiu and would add the queue can be set up without requiring username and password.
Upvotes: 0
Related Questions
- JMS Session Creation Failure
- Spring JMS HornetQ user is null
- Jboss EAP 6.3: HQ119031: Unable to validate user: null
- javax.jms.JMSSecurityException: User name [null] or password is invalid
- JAAS authentication in JMS using WildFly : javax.jms.JMSSecurityException: HQ119032: User: null doesnt have permission=SEND on address {2}
- Jboss EAP 6.3: HQ119031: Unable to validate user: USERNAME
- HornetQ Unable to validate user
- ClientSession is closed by HornetQ
- Jboss 7.1 JMS with Spring authentication error
- HornetQ JMSException: Failed to create session factory