Monday, 14 August 2017

[ActiveMQ] Authentication for JMX Connector

The Apache ActiveMQ JMX connector provides two authentication mechanisms.

1. Simple authentication
- Access is controlled through jmx.password, the file that defines login users and passwords, and jmx.access, the file that defines per-user permissions.

2. JAAS authentication
- Access is controlled using a JAAS (Java Authentication and Authorization Service) realm and login module.


Configuring the ActiveMQ JMX connector with simple authentication (jmx.password, jmx.access)

1. Configure jmx.password

$> vi $ACTIVEMQ_BASE/conf/jmx.password

# The "admin" user has password "activemq".
admin activemq
user1 password
user2 password
...
Configure the file as shown above.


2. Configure jmx.access

$> vi $ACTIVEMQ_BASE/conf/jmx.access

* Permission types
readonly : can only read MBean attributes
readwrite : can read and write MBean attributes, invoke operations, and create or remove MBeans

# The "admin" user has readwrite access.
admin readwrite
user1 readwrite
user2 readonly
...
Configure the file as shown above.

3. Configure conf/activemq.xml


<beans ... >
  <broker xmlns="http://activemq.apache.org/schema/core" ... >
    ...
    <managementContext>
      <managementContext createConnector="true"
                         connectorPort="2011"
                         jmxDomainName="org.apache.activemq">
        <property xmlns="http://www.springframework.org/schema/beans" name="environment">
          <map xmlns="http://www.springframework.org/schema/beans">
            <entry xmlns="http://www.springframework.org/schema/beans"
                   key="jmx.remote.x.password.file"
                   value="${activemq.base}/conf/jmx.password"/>
            <entry xmlns="http://www.springframework.org/schema/beans"
                   key="jmx.remote.x.access.file"
                   value="${activemq.base}/conf/jmx.access"/>
          </map>
        </property>
      </managementContext>
    </managementContext>
    ...
  </broker>
  ...
</beans>
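
Because jmx.password stores passwords in cleartext and jmx.access decides who may invoke operations, the two files are worth checking before the connector is exposed. The following audit is an added example, not part of the original post or of ActiveMQ; the function names (parse_pairs, audit, demo) are hypothetical, and it assumes POSIX file permissions and the whitespace-separated "user value" format shown above, with constructed sample files.

```python
import os
import tempfile

VALID_LEVELS = {"readonly", "readwrite"}
# Sample credentials printed on this page; they must not reach a real broker.
SAMPLE_CREDS = {("admin", "activemq"), ("user1", "password"), ("user2", "password")}

def parse_pairs(path):
    """Return {name: rest-of-line} for 'name value' lines, skipping blanks and # comments."""
    pairs = {}
    with open(path, encoding="utf-8") as fh:
        for raw in fh:
            parts = raw.strip().split(None, 1)
            if parts and not parts[0].startswith("#"):
                pairs[parts[0]] = parts[1] if len(parts) == 2 else ""
    return pairs

def audit(password_file, access_file):
    """Return a list of findings for a jmx.password / jmx.access pair."""
    findings = []
    # Cleartext secrets: owner-only. The access file must not be writable by others.
    for path, forbidden in ((password_file, 0o077), (access_file, 0o022)):
        mode = os.stat(path).st_mode & 0o777
        if mode & forbidden:
            findings.append(f"{os.path.basename(path)}: mode {mode:03o} is too permissive")
    passwords, access = parse_pairs(password_file), parse_pairs(access_file)
    for user, pw in sorted(passwords.items()):
        if (user, pw) in SAMPLE_CREDS:
            findings.append(f"{user}: sample password still in use")
        if user not in access:
            findings.append(f"{user}: password entry without an access level")
    for user, level in sorted(access.items()):
        if (level.split() or [""])[0] not in VALID_LEVELS:
            findings.append(f"{user}: unknown access level {level!r}")
        if user not in passwords:
            findings.append(f"{user}: access level without a password entry")
    return findings

def demo():
    """Audit constructed sample files: the page's entries plus one broken line."""
    with tempfile.TemporaryDirectory() as tmp:
        pw, acc = os.path.join(tmp, "jmx.password"), os.path.join(tmp, "jmx.access")
        with open(pw, "w", encoding="utf-8") as fh:
            fh.write("# constructed sample\nadmin activemq\nuser1 password\nuser2 password\n")
        with open(acc, "w", encoding="utf-8") as fh:
            fh.write("admin readwrite\nuser1 readwrite\nuser2 readonly\nops admin\n")
        os.chmod(pw, 0o644)   # typical result of creating the file with vi under umask 022
        os.chmod(acc, 0o600)
        return audit(pw, acc)
```

Calling audit() with the real $ACTIVEMQ_BASE/conf/jmx.password and jmx.access paths returns an empty list when nothing is flagged.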


4. Connect using (j)VisualVM

* reference
https://access.redhat.com/documentation/en-US/Fuse_ESB/4.4.1/html/ActiveMQ_Security_Guide/files/JMX-AmqConnector-Authent.html
http://activemq.apache.org/jmx.html
