账号的角色定义
conf/jetty.xml
<bean id="securityConstraint" class="org.eclipse.jetty.http.security.Constraint">
<property name="name" value="BASIC" />
<property name="roles" value="admin" />
<property name="authenticate" value="false" />
</bean>
设置authenticate为true
账号用户名保存在conf/jetty-realm.properties
格式: 账号:密码,角色
eg:admin:admin,admin
权限分配
conf/activemq.xml下broke节点下,read、write和admin的值为在认证中用户对应的groups属性中的值
<plugins>
<jaasAuthenticationPlugin configuration="activemq-domain" />
<authorizationPlugin>
<map>
<authorizationMap>
<authorizationEntries>
<authorizationEntry queue=">" read="admins,users" write="admins" admin="admins,users" />
<authorizationEntry topic=">" read="admins,users" write="admins" admin="admins,users" />
</authorizationEntries>
</authorizationMap>
</map>
</authorizationPlugin>
</plugins>
/conf/login.config定义用户信息及组信息加载的文件,activemq.xml的activemq-domain指向该处
activemq-domain {
org.apache.activemq.jaas.PropertiesLoginModule required
org.apache.activemq.jaas.properties.user="users.properties"
org.apache.activemq.jaas.properties.group="groups.properties";
};
在conf/group.properties加入
admins=admin,monitor
users=oread
在conf/user.properties加入用户名和密码信息
admin=password1
monitor=password2
oread=password3
在conf/user.properties加入用户名和密码信息
admin=password1
monitor=password2
oread=password3