Skip to main content
 首页 » 编程设计

java中如何限制activemq中的用户

2024年11月24日80soundcode

我是 activemq 的新手。我已经下载了最新的 activemq 5.8 并运行服务器。我已经使用以下代码创建了队列并发送示例消息:

// URL of the JMS server. DEFAULT_BROKER_URL will just mean 
    // that JMS server is on localhost 
    private static String url = ActiveMQConnection.DEFAULT_BROKER_URL; 
 
    // Name of the queue we will be sending messages to 
    private static String subject = "TESTQUEUE"; 
 
    public static void main(String[] args) throws JMSException { 
        // Getting JMS connection from the server and starting it 
        ConnectionFactory connectionFactory = 
            new ActiveMQConnectionFactory(url); 
        Connection connection = connectionFactory.createConnection(); 
        connection.start(); 
 
        // JMS messages are sent and received using a Session. We will 
        // create here a non-transactional session object. If you want 
        // to use transactions you should set the first parameter to 'true' 
        Session session = connection.createSession(false, 
            Session.AUTO_ACKNOWLEDGE); 
 
        // Destination represents here our queue 'TESTQUEUE' on the 
        // JMS server. You don't have to do anything special on the 
        // server to create it, it will be created automatically. 
        Destination destination = session.createQueue(subject); 
 
        // MessageProducer is used for sending messages (as opposed 
        // to MessageConsumer which is used for receiving them) 
        MessageProducer producer = session.createProducer(destination); 
 
        // We will send a small text message saying 'Hello' in Japanese 
        TextMessage message = session.createTextMessage("こんにちは"); 
 
        // Here we are sending the message! 
        producer.send(message); 
        System.out.println("Sent message '" + message.getText() + "'"); 
 
        connection.close(); 
    } 

我已经运行了上面的代码并成功创建了队列。现在我想限制 activemq 服务器中的用户访问。我更改了 createConnnection 方法,如下

Connection connection = connectionFactory.createConnection("test","test"); 

现在,如果我运行更改后的代码消息成功发送到队列。但是即使建立了连接,测试用户也不在 activemq 中。如何限制此用户?

<authorizationPlugin> 
    <map> 
      <authorizationMap> 
        <authorizationEntries> 
          <authorizationEntry queue=">" read="admins" write="admins" admin="admins" /> 
          <authorizationEntry queue="USERS.>" read="users" write="users" admin="users" /> 
          <authorizationEntry queue="GUEST.>" read="guests" write="guests,users" admin="guests,users" /> 
 
          <authorizationEntry queue="TEST.Q" read="guests" write="guests" /> 
 
          <authorizationEntry topic=">" read="admins" write="admins" admin="admins" /> 
          <authorizationEntry topic="USERS.>" read="users" write="users" admin="users" /> 
          <authorizationEntry topic="GUEST.>" read="guests" write="guests,users" admin="guests,users" /> 
 
          <authorizationEntry topic="ActiveMQ.Advisory.>" read="guests,users" write="guests,users" admin="guests,users"/> 
        </authorizationEntries> 
      </authorizationMap> 
    </map> 
  </authorizationPlugin> 
</plugins> 

上面的文件是activemq.xml。现在我只想仅访问某些用户的队列。

如何限制actviemq中的用户?我需要对 activemq.xml 文件进行哪些更改?

请您参考如下方法:

参见 ActiveMQ 文档:http://activemq.apache.org/security.html

在activemq.xml中:

定义您要在“目的地”部分创建的队列。 您可以通过在“用户”部分中定义组来控制权限。 在“authorizationEntries”部分中,您可以定义允许哪些组读取、写入和管理队列。

activemq.xml的Framgent:

<destinations>				 
			<queue physicalName="DEMOQUEUE01" /> 
			<queue physicalName="DEMOQUEUE02" /> 
			<queue physicalName="DEMOQUEUE03" /> 
</destinations>	 
 
<plugins>		 
			<simpleAuthenticationPlugin anonymousAccessAllowed="false"> 
			  <users>	 
				<authenticationUser username="admin"      	password="admin"    			groups="usuarios,users,admins"/> 
				<authenticationUser username="system"     	password="manager"    			groups="usuarios,users,admins"/>	 
	 
				<authenticationUser username="youruser1" password="password123" groups="GROUP01,DEMOGROUP"/>	 
			    <authenticationUser username="youruser2" password="password456" groups="GROUP01,OTHERGROUP"/>	 
			  </users> 
			</simpleAuthenticationPlugin> 
			<authorizationPlugin> 
			  <map> 
				<authorizationMap> 
				  <authorizationEntries>				 
					<authorizationEntry queue = "DEMOQUEUE01" read="admins,GROUP01" write="admins,GROUP01" admin="admins"/> 
					<authorizationEntry queue = "DEMOQUEUE02"  read="admins,DEMOGROUP" write="admins"  admin="admins"/> 
					<authorizationEntry queue = "DEMOQUEUE03"  read="admins,OTHERGROUP" write="admins,OTHERGROUP"  admin="admins"/> 
					 
					<authorizationEntry queue=">" read="admins" write="admins" admin="admins" /> 
					<authorizationEntry topic=">" read="usuarios,admins,GROUP01" write="usuarios,admins,GROUP01" admin="usuarios" /> 
				  </authorizationEntries> 
				</authorizationMap> 
			  </map> 
			</authorizationPlugin> 
</plugins>