JAAS
This page provides step-by-step instructions for configuring the Java Authentication and Authorization Service (JAAS) for both VM and Docker environments.
-
Ensure the configuration file is named
JMS_BRIDGE_ROOT/etc/jms-bridge/login.config. If not, rename it. -
Open the file and verify its content matches the following:
Terminal window MyDomain {org.apache.activemq.artemis.spi.core.security.jaas.PropertiesLoginModule requireddebug=trueorg.apache.activemq.jaas.properties.user="users.properties"org.apache.activemq.jaas.properties.role="roles.properties";}; -
Check that the content of
JMS_BRIDGE_ROOT/etc/jms-bridge/users.propertiesis as follows:Terminal window superSys=superSys123theAdmin=theAdmin123theUser=theUser123 -
Ensure the content of
JMS_BRIDGE_ROOT/etc/jms-bridge/roles.propertiesis as follows:Terminal window admins=theAdmin,superSysusers=theUser,superSys -
Enable security settings in
JMS_BRIDGE_ROOT/etc/jms-bridge/broker.xmlby adding the following configurations:Terminal window <security-enabled>true</security-enabled><security-settings><security-setting match="#"><permission type="send" roles="admins,users"/><permission type="consume" roles="admins,users"/><permission type="createAddress" roles="admins"/><permission type="deleteAddress" roles="admins"/><permission type="createDurableQueue" roles="admins"/><permission type="deleteDurableQueue" roles="admins"/><permission type="createNonDurableQueue" roles="admins"/><permission type="deleteNonDurableQueue" roles="admins"/><permission type="manage" roles="admins"/></security-setting></security-settings> -
Open the configuration file located at
JMS_BRIDGE_ROOT/etc/jms-bridge/jms-bridge.conf. -
Add the following property to the
jms-bridge.conffile:Terminal window security {domain = "MyDomain"} -
After completing the configuration, restart the JMS BRIDGE servers.
-
Access the Files in the
jms-bridge-servercontainer. -
Verify that the configuration file is located at
JMS_BRIDGE_ROOT/etc/jms-bridge/and namedlogin.config. If not, rename it using the following command:Terminal window docker exec <jms-bridge-container-id> mv /etc/jms-bridge/login.config /etc/jms-bridge/login.config -
If the
/etc/jms-bridge/login.configfile is missing, upload it from your local machine using the following command:Terminal window docker cp </path/to/login.config> <jms-bridge-container-id>:/etc/jms-bridgeExample:
Section titled “Example:”Terminal window docker cp /user/jms-bridge-server-ssl/etc/jms-bridge/login.config e8df5438764d1e01e91618b:/etc/jms-bridge -
Ensure the content of the
login.configfile is as follows:Terminal window MyDomain {org.apache.activemq.artemis.spi.core.security.jaas.PropertiesLoginModule requireddebug=trueorg.apache.activemq.jaas.properties.user="users.properties"org.apache.activemq.jaas.properties.role="roles.properties";}; -
Verify that the content of
/etc/jms-bridge/users.propertiesis as follows:Terminal window superSys=superSys123theAdmin=theAdmin123theUser=theUser123 -
Ensure the content of
/etc/jms-bridge/roles.propertiesis as follows:Terminal window admins=theAdmin,superSysusers=theUser,superSys -
Add the following security settings to
/etc/jms-bridge/broker.xml:Terminal window <security-enabled>true</security-enabled><security-settings><security-setting match="#"><permission type="send" roles="admins,users"/><permission type="consume" roles="admins,users"/><permission type="createAddress" roles="admins"/><permission type="deleteAddress" roles="admins"/><permission type="createDurableQueue" roles="admins"/><permission type="deleteDurableQueue" roles="admins"/><permission type="createNonDurableQueue" roles="admins"/><permission type="deleteNonDurableQueue" roles="admins"/><permission type="manage" roles="admins"/></security-setting></security-settings> -
Open the properties file located at
/etc/jms-bridge/jms-bridge.properties. -
Add the following property to the
jms-bridge.propertiesfile:Terminal window bridge.security.domain=MyDomain -
After completing the configuration, restart the JMS BRIDGE servers.