Spring Apache ActiveMQ 5.10.0中仅在Java项目中通过SSL的身份验证和授权问题
我正在尝试仅通过SSL配置Apache ActiveMQ 5.10.0,并在Windows7上测试身份验证和授权。在activemq.xml文件中Spring Apache ActiveMQ 5.10.0中仅在Java项目中通过SSL的身份验证和授权问题,spring,ssl,activemq,Spring,Ssl,Activemq,我正在尝试仅通过SSL配置Apache ActiveMQ 5.10.0,并在Windows7上测试身份验证和授权。在activemq.xml文件中 <sslContext> <sslContext keyStore="file:${activemq.conf}/cert/broker.ks" keyStorePassword="password" trustStore="file:${activemq.conf}/cert/client
<sslContext>
<sslContext keyStore="file:${activemq.conf}/cert/broker.ks" keyStorePassword="password" trustStore="file:${activemq.conf}/cert/client.ts" trustStorePassword="password"/>
</sslContext>
<transportConnectors>
<transportConnector name="ssl" uri="ssl://127.0.0.1:61617?needClientAuth=true"/>
</transportConnectors>
因此,我的代理已准备好通过ssl进行侦听。
在另一个cmd中,我正在启动我的java spring项目jar……并获得以下日志:
[21 Jul 2014 15:07:59,146] [DEBUG] WireFormatNegotiator.negociate() - ssl://localhost/127.0.0.1:61617 after negotiation: OpenWireFormat{version=9, cacheEnabled=tru
e, stackTraceEnabled=true, tightEncodingEnabled=true, sizePrefixDisabled=false, maxFrameSize=9223372036854775807}
[21 Jul 2014 15:07:59,167] [DEBUG] TaskRunnerFactory.init() - Initialized TaskRunnerFactory[ActiveMQ Session Task] using ExecutorService: java.util.concurrent.Thre
adPoolExecutor@650e1899[Running, pool size = 0, active threads = 0, queued tasks = 0, completed tasks = 0]
[21 Jul 2014 15:07:59,169] [INFO ] WalletManager.run() -
########################## Wallet MANAGER UP ##########################
[21 Jul 2014 15:07:59,181] [DEBUG] CustomJmsTemplate.execute() - Executing callback on JMS Session: PooledSession { ActiveMQSession {id=ID:Psylocke-59003-140598047
8859-3:1:3,started=true} }
[21 Jul 2014 15:07:59,219] [DEBUG] CustomJmsTemplate.doSend() - Sending created message: ActiveMQObjectMessage {commandId = 0, responseRequired = false, messageId
= null, originalDestination = null, originalTransactionId = null, producerId = null, destination = null, transactionId = null, expiration = 0, timestamp = 0, arriv
al = 0, brokerInTime = 0, brokerOutTime = 0, correlationId = null, replyTo = null, persistent = false, type = null, priority = 0, groupID = null, groupSequence = 0
, targetConsumerId = null, compressed = false, userID = null, content = org.apache.activemq.util.ByteSequence@18f9a7a8, marshalledProperties = null, dataStructure
= null, redeliveryCounter = 0, size = 0, properties = null, readOnlyProperties = false, readOnlyBody = false, droppable = false}
[21 Jul 2014 15:07:59,229] [DEBUG] CustomJmsTemplate.execute() - Executing callback on JMS Session: PooledSession { ActiveMQSession {id=ID:Psylocke-59003-140598047
8859-1:1:2,started=true} }
[21 Jul 2014 15:07:59,260] [DEBUG] CustomJmsTemplate.doSend() - Sending created message: ActiveMQObjectMessage {commandId = 0, responseRequired = false, messageId
= null, originalDestination = null, originalTransactionId = null, producerId = null, destination = null, transactionId = null, expiration = 0, timestamp = 0, arriv
al = 0, brokerInTime = 0, brokerOutTime = 0, correlationId = null, replyTo = null, persistent = false, type = null, priority = 0, groupID = null, groupSequence = 0
, targetConsumerId = null, compressed = false, userID = null, content = org.apache.activemq.util.ByteSequence@ca2027f, marshalledProperties = null, dataStructure =
null, redeliveryCounter = 0, size = 0, properties = null, readOnlyProperties = false, readOnlyBody = false, droppable = false}
[21 Jul 2014 15:07:59,312] [DEBUG] WalletManager.processUIMessage() - ### UI ### GetWalletPositions processing stared ### UI ###
[21 Jul 2014 15:07:59,313] [DEBUG] WalletManager.processUIMessage() - ### UI ### GetWalletPositions processing ended ### UI ###
[21 Jul 2014 15:08:19,036] [DEBUG] AbstractInactivityMonitor.run() - WriteChecker 10001 ms elapsed since last write check.
[21 Jul 2014 15:08:19,038] [DEBUG] AbstractInactivityMonitor.run() - Running WriteCheck[tcp://127.0.0.1:61617]
[21 Jul 2014 15:08:19,145] [DEBUG] AbstractInactivityMonitor.run() - WriteChecker 10000 ms elapsed since last write check.
[21 Jul 2014 15:08:19,145] [DEBUG] AbstractInactivityMonitor.run() - Running WriteCheck[tcp://127.0.0.1:61617]
[21 Jul 2014 15:08:29,036] [DEBUG] AbstractInactivityMonitor.run() - WriteChecker 10000 ms elapsed since last write check.
[21 Jul 2014 15:08:29,036] [DEBUG] AbstractInactivityMonitor.run() - Running WriteCheck[tcp://127.0.0.1:61617]
[21 Jul 2014 15:08:29,145] [DEBUG] AbstractInactivityMonitor.run() - WriteChecker 10000 ms elapsed since last write check.
出于身份验证和授权目的,我在activemq.xml中使用以下插件。我只希望“系统”用户连接,其他来宾用户或不正确的用户名不得访问:
在WalletManager项目的spring上下文文件中
ssl://${activemq.zdchange.hostname}:${activemq.zdchange.port}
ssl://${activemq.sc.hostname}:${activemq.sc.port}
现在,即使我为“系统”提供了错误的密码,或者对下面的行进行了注释
<property name="userName" value="system"/>
<property name="password" value="manager"/>
但它仍在与经纪人建立联系。我的身份验证和授权是否未正确完成?可能是您的
activemq.xml
配置错误?你检查日志了吗?我今天再次按照所有步骤操作,现在它正在工作。这就是我所做的
然后创建证书。
设置代理环境
这两个文件broker-keystore.ks和broker-truststore.ks位于apache-activemq-5.10.0\conf文件夹中 Activemq配置
设置客户端环境
将客户端密钥库和信任库放置在正确的位置
已使用的ActiveMQSslConnectionFactory
<bean class="org.apache.activemq.ActiveMQSslConnectionFactory">
<property name="brokerURL">
<value>ssl://localhost:61617</value>
</property>
<property name="keyStore" value="client-keystore.ks"/>
<property name="keyStorePassword" value="password"/>
<property name="trustStore" value="client-truststore.ks"/>
<property name="trustStorePassword" value="password"/>
<property name="userName" value="abc"/>
<property name="password" value="pass"/>
<property name="redeliveryPolicy" ref="redeliveryPolicy"/>
<property name="useAsyncSend" value="true"/>
</bean>
ssl://localhost:61617
<bean id="activeMQConnectionFactory" class="org.apache.activemq.pool.PooledConnectionFactory" destroy-method="stop" >
<property name="connectionFactory">
<bean class="org.apache.activemq.ActiveMQSslConnectionFactory">
<property name="brokerURL">
<value>ssl://${activemq.zdchange.hostname}:${activemq.zdchange.port}</value>
</property>
<property name="keyStore" value="broker.ks"/>
<property name="keyStorePassword" value="keypass"/>
<property name="trustStore" value="client.ts"/>
<property name="trustStorePassword" value="keypass"/>
<property name="userName" value="system"/>
<property name="password" value="manager"/>
<property name="redeliveryPolicy" ref="redeliveryPolicy"/>
<property name="useAsyncSend" value="true"/>
</bean>
</property>
</bean>
<!-- JMS Connection Factory for walletcontroller -->
<bean id="activeMQConnectionFactory_forSC" class="org.apache.activemq.pool.PooledConnectionFactory" destroy-method="stop" >
<property name="connectionFactory">
<bean class="org.apache.activemq.ActiveMQSslConnectionFactory">
<property name="brokerURL">
<value>ssl://${activemq.sc.hostname}:${activemq.sc.port}</value>
</property>
<property name="keyStore" value="broker.ks"/>
<property name="keyStorePassword" value="keypass"/>
<property name="trustStore" value="client.ts"/>
<property name="trustStorePassword" value="keypass"/>
<property name="userName" value="system"/>
<property name="password" value="manager"/>
<property name="redeliveryPolicy" ref="redeliveryPolicy"/>
<property name="useAsyncSend" value="true"/>
</bean>
</property>
</bean>
<property name="userName" value="system"/>
<property name="password" value="manager"/>
<sslContext>
<sslContext keyStore="file:${activemq.conf}/broker-keystore.ks" keyStorePassword="password"
trustStore="file:${activemq.conf}/broker-truststore.ks" trustStorePassword="password"/>
</sslContext>
<transportConnectors>
<transportConnector name="ssl" uri="ssl://localhost:61617?transport.needClientAuth=true"/>
</transportConnectors>
<bean class="org.apache.activemq.ActiveMQSslConnectionFactory">
<property name="brokerURL">
<value>ssl://localhost:61617</value>
</property>
<property name="keyStore" value="client-keystore.ks"/>
<property name="keyStorePassword" value="password"/>
<property name="trustStore" value="client-truststore.ks"/>
<property name="trustStorePassword" value="password"/>
<property name="userName" value="abc"/>
<property name="password" value="pass"/>
<property name="redeliveryPolicy" ref="redeliveryPolicy"/>
<property name="useAsyncSend" value="true"/>
</bean>