2

我正在为我的 Java 应用程序配置 AMQ 代理。用户和角色在其各自的配置属性文件中定义。这些用户具有特定权限,具体取决于他们尝试使用的地址。

所有这些都在 broker.xml 中配置。经纪人使用 3 个地址:genericTopic、news.europe.europeTopic、news.us.usTopic。对于genericTopic 地址,所有用户都拥有所有权限。

不过,我得到了这个例外:

 An exception occured while executing the Java class. AMQ119213: User: bill does not have permission='CREATE_NON_DURABLE_QUEUE' for queue 576bc5ef-3373-409b-b45d-0b382107f915 on address genericTopic

broker.xml 文件包含:

<?xml version="1.0" encoding="UTF-8" standalone="no"?>

<configuration xmlns="urn:activemq" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:activemq /schema/artemis-server.xsd">

   <core xmlns="urn:activemq:core">

      <bindings-directory>./data/messaging/bindings</bindings-directory>

      <journal-directory>./data/messaging/journal</journal-directory>

      <large-messages-directory>./data/messaging/largemessages</large-messages-directory>

      <paging-directory>./data/messaging/paging</paging-directory>

      <!-- Acceptors -->
      <acceptors>
         <acceptor name="netty-acceptor">tcp://localhost:61616</acceptor>
      </acceptors>

      <!-- Other config -->

      <security-settings>
         <!-- any user can have full control of generic topics -->
         <security-setting match="#">
            <permission roles="user" type="createDurableQueue"/>
            <permission roles="user" type="deleteDurableQueue"/>
            <permission roles="user" type="createNonDurableQueue"/>
            <permission roles="user" type="deleteNonDurableQueue"/>
            <permission roles="user" type="send"/>
            <permission roles="user" type="consume"/>
         </security-setting>

         <security-setting match="news.europe.#">
            <permission roles="user" type="createDurableQueue"/>
            <permission roles="user" type="deleteDurableQueue"/>
            <permission roles="user" type="createNonDurableQueue"/>
            <permission roles="user" type="deleteNonDurableQueue"/>
            <permission roles="europe-user" type="send"/>
            <permission roles="news-user" type="consume"/>
         </security-setting>

         <security-setting match="news.us.#">
            <permission roles="user" type="createDurableQueue"/>
            <permission roles="user" type="deleteDurableQueue"/>
            <permission roles="user" type="createNonDurableQueue"/>
            <permission roles="user" type="deleteNonDurableQueue"/>
            <permission roles="us-user" type="send"/>
            <permission roles="news-user" type="consume"/>
         </security-setting>

         <security-setting match="jms.tempqueue.#">
           <permission roles="user" type="createDurableQueue"/>
           <permission roles="user" type="deleteDurableQueue"/>
           <permission roles="user" type="createNonDurableQueue"/>
           <permission roles="user" type="deleteNonDurableQueue"/>
           <permission roles="user" type="send"/>
           <permission roles="user" type="consume"/>    
        </security-setting>

      </security-settings>

      <addresses>
         <address name="genericTopic">
            <multicast/>
         </address>
         <address name="news.europe.europeTopic">
            <multicast/>
         </address>
         <address name="news.us.usTopic">
            <multicast/>
         </address>
      </addresses>
   </core>
</configuration>

artemis-users.properties

bill = ENC(1024:020FEC8DB7EBBCB987FD25F1188EA71FA13FD4E0BF504963891EDC97E1ED1285:3E53D34A96F9995612C7C585CA04BA63CF5F531C92510E882960F848BFC3982AF47FCD40AB888F9AC10648CCEBA1DD52C0F0A312B2C90225D9A46DDC50198B3C)
andrew = ENC(1024:3E09F4D16A6970F3C40E24784AFE64AFD66349174AB20B2609109646A8F0561F:F22063143058EBCF47A0ACA1C29DBCB82C4AF15E510F5C801B47928AEA1836D1480BFD0DFD0320BA567D1A32C98859C02350AE271DC530F29D7E16E910E251AD)
frank = ENC(1024:49292EEC8AA19AB5390A0F0D67AA5A3978DE1AF0F561B641A1CE90B3C9637AAD:22A8F9A4B144B9CC173F3B1D5A2B09FE57642234534C2EB3A805DB7D5F7FEA398B58EB9380B8EA69B916B5CFA23BC7573E09A87A20C0DF1A35A1134270260BE4)
sam = ENC(1024:39832F10D9734D7E6EECE16BCEAA5E2917D384B4CE482A2A4B3D3E7A550B0A5C:CCA47914C6DD64AE6B69FE977BB445CBCDEA50D458E7F42AA341FA84A11C302E2EAB072E57B41A636589C89246911A6A49424CBA4B629F4846826183E9AD9DA1)

artemis-roles.properties

user=bill,andrew,frank,sam
europe-user=andrew
news-user=frank,sam
us-user=frank

在 Java 中,用户bill可以使用提供的密码进行身份验证,我可以genericTopic使用用户创建生产者bill,但不能使用MessageConsumer.

这是导致异常的 Java 代码行:

MessageConsumer consumer = session.createConsumer(topic);

以下是 AMQ 代理中的一些附加日志:

2018-06-25 16:47:26,264 WARN  [org.apache.activemq.artemis.core.server] AMQ222107: Cleared up resources for session 590f0d6e-78c1-11e8-a8e1-e82aea578992
2018-06-25 16:48:44,412 WARN  [org.apache.activemq.artemis.core.server] AMQ222061: Client connection failed, clearing up resources for session 87928e3c-78c1-11e8-bcaa-e82aea578992

更新:我解决了部分问题。我所有的密码都不正确。现在没有异常,但消息使用者阻塞并永远等待存在的消息(在 Web 控制台上检查)但由于某种原因它无法接收。此外,我仍然收到有关客户端连接失败的相同警告。更具体地说,应用程序在此处停止:

TextMessage receivedMsg = (TextMessage) consumer.receive();
4

0 回答 0