Chapter 4. User Authentication

download PDF

User authentication enables you to verify the identity of users by adding usernames and assigning them to security roles. In AMQ Broker 7, this process is similar to AMQ 6. However, there are some differences in terminology, configuration file locations, and configuration syntax. Once you understand the differences, there are several methods you can use to configure user access to your broker instance.

4.1. User Authentication Changes

In both AMQ Broker 7 and AMQ 6, authentication is provided by pluggable login modules based on the Java Authentication and Authorization Service (JAAS). However, groups in AMQ 6 are now called roles in AMQ Broker 7.

In addition, the names and locations of the login modules have changed in AMQ Broker 7.

Login ModuleLocation in AMQ 6Location in AMQ Broker 7




Roles (groups)



The syntax for adding users and roles is also different.

In AMQ 6

Non-privileged users could be added and assigned a password and security role in the file:

In AMQ Broker 7

Users and roles are assigned in separate login modules. You add users in the file:


You assign users to a security role in the file:


4.2. How User Authentication is Configured

You can access the AMQ 7 broker instance using the default username and password that you created when you created the broker instance. To enable additional users to access the broker instance, you can configure user authentication for the broker using any of the following methods:

Authentication MethodDescription

Guest Authentication

Enables anonymous access. In this configuration, any user who connects without credentials or with the wrong credentials will be authenticated automatically and assigned a specific user and role.

For more information, see Enabling Guest Access in Configuring AMQ Broker.

Basic User and Password Authentication

For each user, you must define a username and password and assign a security role. Users can only access the broker instance using these credentials.

For more information, see Adding Users in Configuring AMQ Broker.

Certificate-Based Authentication

Users are authenticated using SSL certificates.

For more information, see Adding Certificate-based Authentication in Configuring AMQ Broker.

LDAP Authentication

Users are authenticated and authorized by checking the credentials against user data stored in a central X.500 directory server.

For more information, see Using LDAP for Authentication in Configuring AMQ Broker.

Red Hat logoGithubRedditYoutubeTwitter


Try, buy, & sell


About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.