step 1) 下载ActiveMQ并解压移到 /usr/local目录下
cd /opt
wget http://mirrors.cnnic.cn/apache//activemq/5.14.2/apache-activemq-5.14.2-bin.tar.gz
tar zxvf apache-activemq-5.14.2-bin.tar.gz
mv apache-activemq-5.14.2 /usr/local/
ln -s /usr/local/apache-activemq-5.14.2 /usr/local/activemq
step 2) 创建activemq 用户并赋给目录权限
adduser activemq
chown -R activemq:activemq /usr/local/activemq
step 3) 安装ActiveMQ
su activemq
cd /usr/local/activemq
bin/activemq setup ./conf
step 4) 配置成服务
vi /usr/local/activemq/bin/activemq
在第二行加入如下:
# chkconfig: - 64 36
在"
EXEC_OPTION="下加入如下内容,配置activemq的启动用户
ACTIVEMQ_USER="activemq"
配置服务与开机启动
ln -s /usr/local/activemq/bin/activemq /etc/init.d/activemq
chkconfig activemq on
step 5)配成ActiveMQ的用户组与权限
vi /usr/local/activemq/conf/activemq.xml
找到节点:beans>broker>plugins 加入如下内容
<!-- use JAAS to authenticate using the login.config file on the classpath to configure JAAS -->
<jaasAuthenticationPlugin configuration="activemq" />
<authorizationPlugin>
<map>
<authorizationMap>
<authorizationEntries>
<authorizationEntry topic="ActiveMQ.Advisory.>" write="all" read="all" admin="all" />
<authorizationEntry queue=">" write="producers" read="consumers" admin="admins,consumers" />
</authorizationEntries>
<tempDestinationAuthorizationEntry>
<tempDestinationAuthorizationEntry write="admin" read="admin" admin="admin" />
</tempDestinationAuthorizationEntry>
</authorizationMap>
</map>
</authorizationPlugin>
剩下的就是管理ActiveMQ用户( users.properties)与组 ( groups.properties)了,这里略过,
有个巨坑,注意:如果开启了web控制台与需要使用REST API,那 conf/jetty-realm.properties 里的账户密码需要与users.properties的密码完全一致(还未找到其它解决方案),不然调用Rest API的权限会有问题。
step 6)启动ActiveMQ服务
service activemq start
参考: http://activemq.apache.org/security.html