搜索

此内容没有您所选择的语言版本。

Chapter 4. User Authentication

download PDF

User authentication enables you to verify the identity of users by adding usernames and assigning them to security roles. In AMQ Broker 7, this process is similar to AMQ 6. However, there are some differences in terminology, configuration file locations, and configuration syntax. Once you understand the differences, there are several methods you can use to configure user access to your broker instance.

4.1. User Authentication Changes

In both AMQ Broker 7 and AMQ 6, authentication is provided by pluggable login modules based on the Java Authentication and Authorization Service (JAAS). However, groups in AMQ 6 are now called roles in AMQ Broker 7.

In addition, the names and locations of the login modules have changed in AMQ Broker 7.

Login ModuleLocation in AMQ 6Location in AMQ Broker 7

Users

etc/users.properties

BROKER_INSTANCE_DIR/etc/artemis-users.properties

Roles (groups)

etc/groups.properties

BROKER_INSTANCE_DIR/etc/artemis-roles.properties

The syntax for adding users and roles is also different.

In AMQ 6

Non-privileged users could be added and assigned a password and security role in the users.properties file:

USER=PASSWORD,ROLE
In AMQ Broker 7

Users and roles are assigned in separate login modules. You add users in the artemis-users.properties file:

USER=PASSWORD

You assign users to a security role in the artemis-roles.properties file:

ROLE=USER

4.2. How User Authentication is Configured

You can access the AMQ 7 broker instance using the default username and password that you created when you created the broker instance. To enable additional users to access the broker instance, you can configure user authentication for the broker using any of the following methods:

Authentication MethodDescription

Guest Authentication

Enables anonymous access. In this configuration, any user who connects without credentials or with the wrong credentials will be authenticated automatically and assigned a specific user and role.

For more information, see Configuring guest access in Configuring AMQ Broker.

Basic User and Password Authentication

For each user, you must define a username and password and assign a security role. Users can only access the broker instance using these credentials.

For more information, see Configuring user and password authentication based on properties files in Configuring AMQ Broker.

Certificate-Based Authentication

Users are authenticated using SSL certificates.

For more information, see Configuring certificate-based authentication in Configuring AMQ Broker.

LDAP Authentication

Users are authenticated and authorized by checking the credentials against user data stored in a central X.500 directory server.

For more information, see Using LDAP for authentication and authorization in Configuring AMQ Broker.

Red Hat logoGithubRedditYoutubeTwitter

学习

尝试、购买和销售

社区

关于红帽文档

通过我们的产品和服务,以及可以信赖的内容,帮助红帽用户创新并实现他们的目标。

让开源更具包容性

红帽致力于替换我们的代码、文档和 Web 属性中存在问题的语言。欲了解更多详情,请参阅红帽博客.

關於紅帽

我们提供强化的解决方案,使企业能够更轻松地跨平台和环境(从核心数据中心到网络边缘)工作。

© 2024 Red Hat, Inc.