ActiveMQ(3) ActiveMQ創建(simpleAuthenticationPlugin)安全認證

控制端安全認證:

ActiveMQ目錄conf下jetty.xml:

<bean id="securityLoginService" class="org.eclipse.jetty.security.HashLoginService">
    <property name="name" value="ActiveMQRealm" />
    <property name="config" value="${activemq.conf}/jetty-realm.properties" />
</bean>

<bean id="securityConstraint" class="org.eclipse.jetty.util.security.Constraint">
    <property name="name" value="BASIC" />
    <property name="roles" value="user,admin" />
    <!-- set authenticate=false to disable login -->
    <property name="authenticate" value="true" />
</bean>

<property name="authenticate" value="true" />  true: 需要認證   false: 不需要認證

ActiveMQ目錄conf下jetty-realm.properties:

# Defines users that can access the web (console, demo, etc.)
# username: password [,rolename ...]
admin: admin, admin
user: user, user

認證用戶名: 認證密碼 [,角色名稱 ...]

注意: 配置需重啟ActiveMQ才會生效。

 

客戶端安全認證:

simpleAuthenticationPlugin 認證: 直接把相關的認證插件配置到xml文件中

ActiveMQ目錄conf下activemq.xml的broker元素中添加插件：

<plugins>
    <simpleAuthenticationPlugin>
        <users>
            <authenticationUser username="admin" password="admin" groups="admins,publishers,consumers"/>
            <authenticationUser username="publisher" password="publisher"  groups="publishers,consumers"/>
            <authenticationUser username="consumer" password="consumer" groups="consumers"/>
            <authenticationUser username="guest" password="guest"  groups="guests"/>
        </users>
    </simpleAuthenticationPlugin>
</plugins>

在代碼中認證:

ConnectionFactory connectionFactory = new ActiveMQConnectionFactory(Constants.AUTHENTICATION_USERNAME_ADMIN,
                Constants.AUTHENTICATION_PASSWORD_ADMIN, "tcp://localhost:61616");

 重啟ActiveMQ, 使配置生效。

 

用戶名和密碼認證失敗會拋出異常：

Exception in thread "main" javax.jms.JMSSecurityException: User name [ddd] or password is invalid.
    at org.apache.activemq.util.JMSExceptionSupport.create(JMSExceptionSupport.java:52)
    at org.apache.activemq.ActiveMQConnection.syncSendPacket(ActiveMQConnection.java:1399)
    at org.apache.activemq.ActiveMQConnection.ensureConnectionInfoSent(ActiveMQConnection.java:1478)
    at org.apache.activemq.ActiveMQConnection.start(ActiveMQConnection.java:527)
    at com.itdoc.learn.activemq.helloworld.Sender.main(Sender.java:35)
Caused by: java.lang.SecurityException: User name [ddd] or password is invalid.
    at org.apache.activemq.security.SimpleAuthenticationBroker.authenticate(SimpleAuthenticationBroker.java:103)
    at org.apache.activemq.security.SimpleAuthenticationBroker.addConnection(SimpleAuthenticationBroker.java:71)
    at org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:99)
    at org.apache.activemq.broker.TransportConnection.processAddConnection(TransportConnection.java:843)
    at org.apache.activemq.broker.jmx.ManagedTransportConnection.processAddConnection(ManagedTransportConnection.java:77)
    at org.apache.activemq.command.ConnectionInfo.visit(ConnectionInfo.java:139)
    at org.apache.activemq.broker.TransportConnection.service(TransportConnection.java:330)
    at org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:194)
    at org.apache.activemq.transport.MutexTransport.onCommand(MutexTransport.java:50)
    at org.apache.activemq.transport.WireFormatNegotiator.onCommand(WireFormatNegotiator.java:125)
    at org.apache.activemq.transport.AbstractInactivityMonitor.onCommand(AbstractInactivityMonitor.java:301)
    at org.apache.activemq.transport.TransportSupport.doConsume(TransportSupport.java:83)
    at org.apache.activemq.transport.tcp.TcpTransport.doRun(TcpTransport.java:233)
    at org.apache.activemq.transport.tcp.TcpTransport.run(TcpTransport.java:215)
    at java.lang.Thread.run(Unknown Source)

認證成功代碼:

消息生產者:

/**
 * @filename Sender.Java
 * @desc 消息生產者
 * @blog http://www.cnblogs.com/goodcheap
 * @author Chinda Wang
 * @create 2017-12-02 16:06
 * @version v1.0
 * @copyright Copyright © 2017 達華信息科技有限公司 版權所有
 * @modifyhistory 2017-12-02 16:06
 * @modifyauthor Chinda Wang
 * @modifydesc
 */
package com.itdoc.learn.activemq.helloworld;

import com.itdoc.learn.activemq.common.Constants;
import org.apache.activemq.ActiveMQConnectionFactory;

import javax.jms.*;

/**
 * @author Chinda Wang
 * @desc 消息生產者
 * @create 2017-12-02 16:06
 */
public class Sender {

    public static void main(String[] args) throws Exception {


        // 第一步: 建立 ConnectionFactory 工廠對象, 需要填入用戶名、密碼、以及要連接的地址, 均使用默認即可, 默認端口為"tcp//loclhost:61616"
        ConnectionFactory connectionFactory = new ActiveMQConnectionFactory(Constants.AUTHENTICATION_USERNAME_ADMIN,
                Constants.AUTHENTICATION_PASSWORD_ADMIN, "tcp://localhost:61616");
        // 第二步: 通過ConnectionFactory工廠對象創建一個Connection連接, 並且調用Connection的start方法開啟連接, Connection默認是關閉的。
        Connection connection = connectionFactory.createConnection();
        connection.start();
        /*
         * 第三步: 通過Connection對象創建Session會話(上下文環境對象), 用於接收消息, 參數位置1為是否啟用事務, 參數位置2為簽收模式,
         * 一般設置為自動簽收。
         */
        Session session = connection.createSession(Boolean.FALSE, Session.AUTO_ACKNOWLEDGE);
        /*
         * 第四步: 通過Session創建Destination對象, 指的是一個客戶端用來指定生產消息目標和消費消息來源的對象, 在PTP模式中, Destination
         * 被稱作為Queue, 即隊列; 在Pub/Sub模式, Destination被稱作Topic, 即主題。在程序中可以使用多個Queue和Topic。
         */
        Destination destination = session.createQueue("queue1");
        // 第五步: 需要通過Session對象創建消息的發送和接收對象(生產者和消費者)MessageProducer/MessageConsumer
        MessageProducer producer = session.createProducer(destination);
        // 第六步: 可以使用MessageProducer的setDeliveryMode()方法為其設置持久化特性和非持久化特性(DeliveryMode)。
        producer.setDeliveryMode(DeliveryMode.NON_PERSISTENT);
        /*
         * 第七步: 使用JMS規范的TextMessage形式創建數據(通過Session對象), 並用MessageProducer的send()方法發送數據。同理, 客戶端使用
         * receive()方法進行接收數據。
         */
        TextMessage textMessage = session.createTextMessage();
        for (int i = 1; i <= 10; i++) {
            textMessage.setText("I am Message! id: " + i);
            producer.send(textMessage);
            System.out.println("生產者: " + textMessage.getText());
        }
        // 第八步: 關閉Connection連接
        if (connection != null) {
            connection.close();
        }
    }
}

 消息消費者:

/**
 * @filename Receiver.Java
 * @desc 消息消費者
 * @blog http://www.cnblogs.com/goodcheap
 * @author Chinda Wang
 * @create 2017-12-02 16:07
 * @version v1.0
 * @copyright Copyright © 2017 達華信息科技有限公司 版權所有
 * @modifyhistory 2017-12-02 16:07
 * @modifyauthor Chinda Wang
 * @modifydesc
 */
package com.itdoc.learn.activemq.helloworld;

import com.itdoc.learn.activemq.common.Constants;
import org.apache.activemq.ActiveMQConnectionFactory;

import javax.jms.*;

/**
 * @desc 消息消費者
 * @author Chinda Wang
 * @create 2017-12-02 16:07
 */
public class Receiver {

    public static void main(String[] args) throws Exception {
        // 第一步: 建立 ConnectionFactory 工廠對象, 需要填入用戶名、密碼、以及要連接的地址, 均使用默認即可, 默認端口為"tcp//loclhost:61616"
        ConnectionFactory connectionFactory = new ActiveMQConnectionFactory(
                Constants.AUTHENTICATION_USERNAME_GUEST,
                Constants.AUTHENTICATION_PASSWORD_GUEST,
                "tcp://localhost:61616");
        // 第二步: 通過ConnectionFactory工廠對象創建一個Connection連接, 並且調用Connection的start方法開啟連接, Connection默認是關閉的。
        Connection connection = connectionFactory.createConnection();
        connection.start();
        /*
         * 第三步: 通過Connection對象創建Session會話(上下文環境對象), 用於接收消息, 參數位置1為是否啟用事務, 參數位置2為簽收模式,
         * 一般設置為自動簽收。
         */
        Session session = connection.createSession(Boolean.FALSE, Session.AUTO_ACKNOWLEDGE);
        /*
         * 第四步: 通過Session創建Destination對象, 指的是一個客戶端用來指定生產消息目標和消費消息來源的對象, 在PTP模式中, Destination
         * 被稱作為Queue, 即隊列; 在Pub/Sub模式, Destination被稱作Topic, 即主題。在程序中可以使用多個Queue和Topic。
         */
        Destination destination = session.createQueue("queue1");
        // 第五步: 需要通過Session對象創建消息的發送和接收對象(生產者和消費者)MessageProducer/MessageConsumer
        MessageConsumer consumer = session.createConsumer(destination);
        /*
         * 第六步: 使用JMS規范的TextMessage形式創建數據(通過Session對象), 並用MessageProducer的send()方法發送數據。同理, 客戶端使用
         * receive()方法進行接收數據。
         */
        while (true) {
            TextMessage msg = (TextMessage) consumer.receive();
            if (msg == null) {
                break;
            }
            System.out.println("收到內容: " + msg.getText());
        }
        // 第七步: 關閉Connection連接
        if (connection != null) {
            connection.close();
        }
    }
}

 認證常量類:

/**
 * @filename Constants.Java
 * @desc 常量類
 * @blog http://www.cnblogs.com/goodcheap
 * @author Chinda Wang
 * @create 2017-12-09 10:14
 * @version v1.0
 * @copyright Copyright © 2017 達華信息科技有限公司 版權所有
 * @modifyhistory 2017-12-09 10:14
 * @modifyauthor Chinda Wang
 * @modifydesc
 */
package com.itdoc.learn.activemq.common;

/**
 * @desc 常量類
 * @author Chinda Wang
 * @create 2017-12-09 10:14
 */
public class Constants {

    /** 認證用戶名密碼 */
    public static final String AUTHENTICATION_USERNAME_ADMIN = "admin";
    public static final String AUTHENTICATION_PASSWORD_ADMIN = "admin";

    public static final String AUTHENTICATION_USERNAME_PUBLISHER = "publisher";
    public static final String AUTHENTICATION_PASSWORD_PUBLISHER = "publisher";

    public static final String AUTHENTICATION_USERNAME_CONSUMER = "consumer";
    public static final String AUTHENTICATION_PASSWORD_CONSUMER = "consumer";

    public static final String AUTHENTICATION_USERNAME_GUEST = "guest";
    public static final String AUTHENTICATION_PASSWORD_GUEST = "guest";

}