2 Replies Latest reply on Feb 1, 2013 6:59 AM by alstsever_alain.saint-sever

    JAAS Authentication for ActiveMQ in Fabric

    alstsever_alain.saint-sever
    alstsever_alain.saint-sever Jan 30, 2013 9:38 AM

      Hi,

       

      I have defined a JAAS Realm for ActiveMQ authentication as follows:

       

        <jaas:config name="myRealm">

              <jaas:module className="org.apache.activemq.jaas.PropertiesLoginModule" flags="required">

                  org.apache.activemq.jaas.properties.user = $\[karaf.base\]/etc/my.mq.users.properties

                  org.apache.activemq.jaas.properties.group = $\[karaf.base\]/etc/my.mq.groups.properties

              </jaas:module>

          </jaas:config>

       

      This works fine in a standalone (ie non fabric) ESB container.

       

      But how can I make this works when I deploy such realm in a fabric container? I cannot deploy my properties file into the remote fabric etc folder. Shoud I have to use a syntax like 'zk:/fabric/configs/versions/1.0/profiles/xxx/my.mq.users.properties' instead of '$\[karaf.base\]/etc/my.mq.users.properties' ?

       

      An opened issue already exists on this matter FABRIC-205.

       

      Thanks.

       

      Edited by: alstsever on Jan 30, 2013 2:36 PM

      • 124 Views
      • Tags:
        • 1. Re: JAAS Authentication for ActiveMQ in Fabric
          iocanel
          iocanel Feb 1, 2013 5:16 AM (in response to alstsever_alain.saint-sever)

          If you store my.mq.users.properties under /fabric/configs/versions/1.0/profiles/xxx/ then all containers using xxx 1.0 profile will save it under etc/my.mq.users.cfg. So you could just point to that file instead.

           

          Now directly referencing the zk node that holds the configuration using the zk: property handler is a smart thought. But I am not 100% sure how if activemq will pick any url or if it just expects a file, so I am not sure if it will work.

            • Actions
          • 2. Re: JAAS Authentication for ActiveMQ in Fabric
            alstsever_alain.saint-sever
            alstsever_alain.saint-sever Feb 1, 2013 6:59 AM (in response to iocanel)

            I just did it again to be sure:

            when I deploy a container (remote one) with a profile with my.mq.users.properties then there is no etc/my.mq.users.cfg file. Is it a bug?

             

            On the other hand the config:list command displays:

             

            Pid:            my.is.mq.users

            BundleLocation: null

            Properties:

               service.pid = my.is.mq.users

               operator = operator

               fabric.zookeeper.pid = my.is.mq.users

             

            But without the file being copied into etc folder I cannot use the following configuration:

             

            <jaas:config name="myRealm">

               <jaas:module className="org.apache.activemq.jaas.PropertiesLoginModule" flags="required">

                  org.apache.activemq.jaas.properties.user = $\[karaf.base\]/etc/my.mq.users.cfg

                  org.apache.activemq.jaas.properties.group = $\[karaf.base\]/etc/my.mq.groups.cfg

               </jaas:module>

            </jaas:config>

              • Actions