alvinalexander.com | career | drupal | java | mac | mysql | perl | scala | uml | unix  

ActiveMQ example source code file (activemq-security.xml)

This example ActiveMQ source code file (activemq-security.xml) is included in the DevDaily.com "Java Source Code Warehouse" project. The intent of this project is to help you "Learn Java by Example" TM.

Java - ActiveMQ tags/keywords

activemq, activemq_encryption_password, apache, asf, asf, guest, license, license, pbewithmd5anddes, see, see, users, you, you

The ActiveMQ activemq-security.xml source code

<?xml version="1.0" encoding="UTF-8"?>
<!--
  Licensed to the Apache Software Foundation (ASF) under one or more
  contributor license agreements.  See the NOTICE file distributed with
  this work for additional information regarding copyright ownership.
  The ASF licenses this file to You under the Apache License, Version 2.0
  (the "License"); you may not use this file except in compliance with
  the License.  You may obtain a copy of the License at
  
  http://www.apache.org/licenses/LICENSE-2.0
  
  Unless required by applicable law or agreed to in writing, software
  distributed under the License is distributed on an "AS IS" BASIS,
  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  See the License for the specific language governing permissions and
  limitations under the License.
-->
<!--  
    Secure ActiveMQ broker
    For more information, see:
    
    http://activemq.apache.org/security.html
    
    Before you can run this configuration, you need to set ACTIVEMQ_ENCRYPTION_PASSWORD environment variable, like
    
    $ export ACTIVEMQ_ENCRYPTION_PASSWORD=activemq
    
    For more information see: http://activemq.apache.org/encrypted-passwords.html
    
    To run ActiveMQ with this configuration add xbean:conf/activemq-security.xml to your command
    
    e.g. $ bin/activemq console xbean:conf/activemq-security.xml
 -->
<beans
  xmlns="http://www.springframework.org/schema/beans"
  xmlns:amq="http://activemq.apache.org/schema/core"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
  http://activemq.apache.org/schema/core http://activemq.apache.org/schema/core/activemq-core.xsd">
  
  <!-- Allows us to use encrypted system properties as variables in this configuration file -->
  <bean id="environmentVariablesConfiguration" class="org.jasypt.encryption.pbe.config.EnvironmentStringPBEConfig">
    <property name="algorithm" value="PBEWithMD5AndDES" />
    <property name="passwordEnvName" value="ACTIVEMQ_ENCRYPTION_PASSWORD" />
  </bean>
                                                                     
  <bean id="configurationEncryptor" class="org.jasypt.encryption.pbe.StandardPBEStringEncryptor">
    <property name="config" ref="environmentVariablesConfiguration" />
  </bean>  
    
  <bean id="propertyConfigurer" class="org.jasypt.spring.properties.EncryptablePropertyPlaceholderConfigurer"> 
      <constructor-arg ref="configurationEncryptor" /> 
      <property name="location" value="file:${activemq.base}/conf/credentials-enc.properties"/> 
  </bean> 
  
  <!--     
    Use this configuration if you don't want to set encryptor password using environment variable
    Note however, that with this solution your passwords can be easily decrypted once the encrypter password is known
    
  <bean id="configurationEncryptor" class="org.jasypt.encryption.pbe.StandardPBEStringEncryptor">
     <property name="algorithm" value="PBEWithMD5AndDES"/>
     <property name="password" value="activemq"/>
  </bean> 
  -->

  <broker useJmx="true" persistent="false" xmlns="http://activemq.apache.org/schema/core" destroyApplicationContextOnStop="true">

    <managementContext>
        <managementContext createConnector="true">
            <property xmlns="http://www.springframework.org/schema/beans" name="environment">
                <map xmlns="http://www.springframework.org/schema/beans">
                    <entry xmlns="http://www.springframework.org/schema/beans" key="jmx.remote.x.password.file"
                           value="conf/jmx.password"/>
                    <entry xmlns="http://www.springframework.org/schema/beans" key="jmx.remote.x.access.file"
                           value="conf/jmx.access"/>
                </map>
            </property>
        </managementContext>
    </managementContext>

    <plugins>
        <!-- Configure authentication; Username, passwords and groups -->
        <simpleAuthenticationPlugin>
            <users>
                <authenticationUser username="system" password="${activemq.password}"
                    groups="users,admins"/>
                <authenticationUser username="user" password="${guest.password}"
                    groups="users"/>
                <authenticationUser username="guest" password="${guest.password}" groups="guests"/>
            </users>
        </simpleAuthenticationPlugin>


      <!--  Lets configure a destination based authorization mechanism -->
      <authorizationPlugin>
        <map>
          <authorizationMap>
            <authorizationEntries>
              <authorizationEntry queue=">" read="admins" write="admins" admin="admins" />
              <authorizationEntry queue="USERS.>" read="users" write="users" admin="users" />
              <authorizationEntry queue="GUEST.>" read="guests" write="guests,users" admin="guests,users" />
              
              <authorizationEntry queue="TEST.Q" read="guests" write="guests" />
              
              <authorizationEntry topic=">" read="admins" write="admins" admin="admins" />
              <authorizationEntry topic="USERS.>" read="users" write="users" admin="users" />
              <authorizationEntry topic="GUEST.>" read="guests" write="guests,users" admin="guests,users" />
              
              <authorizationEntry topic="ActiveMQ.Advisory.>" read="guests,users" write="guests,users" admin="guests,users"/>
            </authorizationEntries>
          </authorizationMap>
        </map>
      </authorizationPlugin>
    </plugins>
    
    <transportConnectors>
       <transportConnector name="default" uri="tcp://0.0.0.0:61616"/>
    </transportConnectors>
    
  </broker>

  <!-- 
      Configure command agent to be used in secured broker environment
      Notice how we used ${activemq.username} and ${activemq.password} configured in credential.properties
  -->
  <commandAgent xmlns="http://activemq.apache.org/schema/core" brokerUrl="vm://localhost" username="${activemq.username}" password="${activemq.password}"/>

  <!-- Use Web applications and Camel in secured broker environment -->
  <import resource="jetty.xml"/>
  <import resource="camel.xml"/>

</beans>

Other ActiveMQ examples (source code examples)

Here is a short list of links related to this ActiveMQ activemq-security.xml source code file:

... this post is sponsored by my books ...

#1 New Release!

FP Best Seller

 

new blog posts

 

Copyright 1998-2021 Alvin Alexander, alvinalexander.com
All Rights Reserved.

A percentage of advertising revenue from
pages under the /java/jwarehouse URI on this website is
paid back to open source projects.