<!DOCTYPE HTML>
<html lang="en" >
<head>
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge" />
<title>Security | ActiveMQ Artemis Documentation</title>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
<meta name="description" content="">
<meta name="generator" content="GitBook 2.1.0">
<meta name="HandheldFriendly" content="true"/>
<meta name="viewport" content="width=device-width, initial-scale=1, user-scalable=no">
<meta name="apple-mobile-web-app-capable" content="yes">
<meta name="apple-mobile-web-app-status-bar-style" content="black">
<link rel="apple-touch-icon-precomposed" sizes="152x152" href="gitbook/images/apple-touch-icon-precomposed-152.png">
<link rel="shortcut icon" href="gitbook/images/favicon.ico" type="image/x-icon">
<link rel="stylesheet" href="gitbook/style.css">
<link rel="next" href="./resource-limits.html" />
<link rel="prev" href="./management.html" />
</head>
<body>
<div class="book" data-level="32" data-basepath="." data-revision="Wed Sep 23 2015 12:51:51 GMT+0100 (BST)">
<div class="book-body">
<div class="body-inner">
<div class="book-header">
<h1>
<a href="./" >ActiveMQ Artemis Documentation</a>
</h1>
</div>
<div class="page-wrapper" tabindex="-1">
<div class="page-inner">
<section class="normal" id="section-">
<h1 id="security">Security</h1>
<p>This chapter describes how security works with Apache ActiveMQ Artemis and how you can
configure it. To disable security completely, set the
<code>security-enabled</code> property to <code>false</code> in the <code>broker.xml</code>
file.</p>
<p>For performance reasons, security checks are cached and the cache is invalidated
periodically. To change this period, set the
<code>security-invalidation-interval</code> property, which is in milliseconds. The default
is <code>10000</code> ms.</p>
<h2 id="role-based-security-for-addresses">Role based security for addresses</h2>
<p>Apache ActiveMQ Artemis contains a flexible role-based security model for applying
security to queues, based on their addresses.</p>
<p>As explained in <a href="using-core.html">Using Core</a>, Apache ActiveMQ Artemis core consists mainly of sets of queues bound
to addresses. A message is sent to an address, the server looks up
the set of queues that are bound to that address, and the server then routes
the message to that set of queues.</p>
<p>Apache ActiveMQ Artemis allows sets of permissions to be defined against the queues
based on their address. Either an exact match on the address or a
wildcard match using the wildcard characters &apos;<code>#</code>&apos; and
&apos;<code>*</code>&apos; can be used.</p>
<p>Seven different permissions can be given to the set of queues which
match the address. Those permissions are:</p>
<ul>
<li><p><code>createDurableQueue</code>. This permission allows the user to create a
durable queue under matching addresses.</p>
</li>
<li><p><code>deleteDurableQueue</code>. This permission allows the user to delete a
durable queue under matching addresses.</p>
</li>
<li><p><code>createNonDurableQueue</code>. This permission allows the user to create a
non-durable queue under matching addresses.</p>
</li>
<li><p><code>deleteNonDurableQueue</code>. This permission allows the user to delete a
non-durable queue under matching addresses.</p>
</li>
<li><p><code>send</code>. This permission allows the user to send a message to
matching addresses.</p>
</li>
<li><p><code>consume</code>. This permission allows the user to consume a message from
a queue bound to matching addresses.</p>
</li>
<li><p><code>manage</code>. This permission allows the user to invoke management
operations by sending management messages to the management address.</p>
</li>
</ul>
<p>For each permission, a list of roles that are granted that permission is
specified. If the user has any of those roles, they will be granted
that permission for that set of addresses.</p>
<p>Let&apos;s take a simple example, here&apos;s a security block from
<code>broker.xml</code> file:</p>
<pre><code>&lt;security-setting match=&quot;globalqueues.europe.#&quot;&gt;
&lt;permission type=&quot;createDurableQueue&quot; roles=&quot;admin&quot;/&gt;
&lt;permission type=&quot;deleteDurableQueue&quot; roles=&quot;admin&quot;/&gt;
&lt;permission type=&quot;createNonDurableQueue&quot; roles=&quot;admin, guest, europe-users&quot;/&gt;
&lt;permission type=&quot;deleteNonDurableQueue&quot; roles=&quot;admin, guest, europe-users&quot;/&gt;
&lt;permission type=&quot;send&quot; roles=&quot;admin, europe-users&quot;/&gt;
&lt;permission type=&quot;consume&quot; roles=&quot;admin, europe-users&quot;/&gt;
&lt;/security-setting&gt;
</code></pre><p>The &apos;<code>#</code>&apos; character signifies &quot;any sequence of words&quot;. Words are
delimited by the &apos;<code>.</code>&apos; character. For a full description of the wildcard
syntax please see <a href="wildcard-syntax.html">Understanding the Wildcard Syntax</a>.
The above security block applies to any address
that starts with the string &quot;globalqueues.europe.&quot;:</p>
<p>Only users who have the <code>admin</code> role can create or delete durable queues
bound to an address that starts with the string &quot;globalqueues.europe.&quot;</p>
<p>Any user with the role <code>admin</code>, <code>guest</code>, or <code>europe-users</code> can create
or delete temporary queues bound to an address that starts with the
string &quot;globalqueues.europe.&quot;</p>
<p>Any user with the role <code>admin</code> or <code>europe-users</code> can send messages to
these addresses or consume messages from queues bound to an address that
starts with the string &quot;globalqueues.europe.&quot;</p>
<p>The mapping between a user and what roles they have is handled by the
security manager. Apache ActiveMQ Artemis ships with a user manager that reads user
credentials from a file on disk, and can also plug into JAAS or JBoss
Application Server security.</p>
<p>For more information on configuring the security manager, please see &apos;Changing the Security Manager&apos;.</p>
<p>There can be zero or more <code>security-setting</code> elements in each XML file.
Where more than one match applies to a set of addresses, the <em>more
specific</em> match takes precedence.</p>
<p>Let&apos;s look at an example of that, here&apos;s another <code>security-setting</code>
block:</p>
<pre><code>&lt;security-setting match=&quot;globalqueues.europe.orders.#&quot;&gt;
&lt;permission type=&quot;send&quot; roles=&quot;europe-users&quot;/&gt;
&lt;permission type=&quot;consume&quot; roles=&quot;europe-users&quot;/&gt;
&lt;/security-setting&gt;
</code></pre><p>In this <code>security-setting</code> block the match
&apos;globalqueues.europe.orders.#&apos; is more specific than the previous match
&apos;globalqueues.europe.#&apos;. So any addresses which match
&apos;globalqueues.europe.orders.#&apos; will take their security settings <em>only</em>
from the latter security-setting block.</p>
<p>Note that settings are not inherited from the former block. All the
settings will be taken from the more specific matching block, so for the
address &apos;globalqueues.europe.orders.plastics&apos; the only permissions that
exist are <code>send</code> and <code>consume</code> for the role europe-users. The
permissions <code>createDurableQueue</code>, <code>deleteDurableQueue</code>,
<code>createNonDurableQueue</code>, <code>deleteNonDurableQueue</code> are not inherited from
the other security-setting block.</p>
<p>Because permissions are not inherited, you can effectively deny
permissions in more specific security-setting blocks simply by not
specifying them. Otherwise it would not be possible to deny permissions
in sub-groups of addresses.</p>
<h2 id="secure-sockets-layer-ssl-transport">Secure Sockets Layer (SSL) Transport</h2>
<p>When messaging clients are connected to servers, or servers are
connected to other servers (e.g. via bridges) over an untrusted network
then Apache ActiveMQ Artemis allows that traffic to be encrypted using the Secure
Sockets Layer (SSL) transport.</p>
<p>For more information on configuring the SSL transport, please see <a href="configuring-transports.html">Configuring the Transport</a>.</p>
<h2 id="basic-user-credentials">Basic user credentials</h2>
<p>Apache ActiveMQ Artemis ships with a security manager implementation that reads user
credentials, i.e. user names, passwords and role information from properties
files on the classpath called <code>artemis-users.properties</code> and <code>artemis-roles.properties</code>. This is the default security manager.</p>
<p>If you wish to use this security manager, then users, passwords and
roles can easily be added into these files.</p>
<p>To configure this manager, it needs to be added to the <code>bootstrap.xml</code> configuration.
Let&apos;s take a look at what this might look like:</p>
<pre><code>&lt;basic-security&gt;
&lt;users&gt;file:${activemq.home}/config/non-clustered/artemis-users.properties&lt;/users&gt;
&lt;roles&gt;file:${activemq.home}/config/non-clustered/artemis-roles.properties&lt;/roles&gt;
&lt;default-user&gt;guest&lt;/default-user&gt;
&lt;/basic-security&gt;
</code></pre><p>The first two elements, <code>users</code> and <code>roles</code>, define which properties files are used to load the users, passwords and roles.</p>
<p>The next thing to note is the element <code>default-user</code>. This defines which
user will be assumed when the client does not specify a
username/password when creating a session. In this case it will be the
user <code>guest</code>. Multiple roles can be specified for the default user in
<code>artemis-roles.properties</code>.</p>
<p>Let&apos;s now take a look at the <code>artemis-users.properties</code> file. This is basically
just a set of key-value pairs that define the users and their passwords, like so:</p>
<pre><code>bill=activemq
andrew=activemq1
frank=activemq2
sam=activemq3
</code></pre><p>The <code>artemis-roles.properties</code> file defines which groups these users belong to,
where the key is the user and the value is a comma-separated list of the groups
the user belongs to, like so:</p>
<pre><code>bill=user
andrew=europe-user,user
frank=us-user,news-user,user
sam=news-user,user
</code></pre><h2 id="changing-the-username-password-for-clustering">Changing the username/password for clustering</h2>
<p>In order for cluster connections to work correctly, each node in the
cluster must make connections to the other nodes. The username/password
they use for this should always be changed from the installation default
to prevent a security risk.</p>
<p>Please see <a href="management.html">Management</a> for instructions on how to do this.</p>
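<p>The following added example (not code from the Artemis project or from this chapter) ties the role-based security settings and the basic user credentials above together: it parses the two <code>security-setting</code> blocks and the <code>artemis-roles.properties</code> contents shown in this chapter, picks the most specific matching block for an address without inheriting from less specific blocks, and decides whether a user&apos;s roles grant a permission. The helper names and the specificity ordering (fewest wildcards, then most literal words) are this example&apos;s own assumptions; it also lists roles that are granted but held by nobody, which exposes the <code>europe-user</code> versus <code>europe-users</code> spelling difference between the files above.</p>

```python
# Added example, not Artemis code: the two security-setting blocks and the artemis-roles
# file from this chapter, combined into an allow/deny check (helper names are this example's own).
import xml.etree.ElementTree as ET
SECURITY_SETTINGS_XML = """<security-settings>
  <security-setting match="globalqueues.europe.#">
    <permission type="createDurableQueue" roles="admin"/>
    <permission type="deleteDurableQueue" roles="admin"/>
    <permission type="createNonDurableQueue" roles="admin, guest, europe-users"/>
    <permission type="deleteNonDurableQueue" roles="admin, guest, europe-users"/>
    <permission type="send" roles="admin, europe-users"/>
    <permission type="consume" roles="admin, europe-users"/>
  </security-setting>
  <security-setting match="globalqueues.europe.orders.#">
    <permission type="send" roles="europe-users"/>
    <permission type="consume" roles="europe-users"/>
  </security-setting>
</security-settings>"""
# artemis-roles.properties as shown in the chapter (user=comma-separated roles).
ROLES_PROPERTIES = "bill=user\nandrew=europe-user,user\nfrank=us-user,news-user,user\nsam=news-user,user\n"
DEFAULT_USER = "guest"  # the <default-user> from the bootstrap.xml block

def parse_security_settings(xml_text):
    """Return [(match, {permission type: {roles}})] in document order."""
    settings = []
    for node in ET.fromstring(xml_text).findall("security-setting"):
        perms = {p.get("type"): {r.strip() for r in p.get("roles").split(",")}
                 for p in node.findall("permission")}
        settings.append((node.get("match"), perms))
    return settings

def parse_roles(text):
    """Return {user: {roles}} from key=value lines; blank and '#' lines are skipped."""
    roles = {}
    for line in text.splitlines():
        if line.strip() and not line.lstrip().startswith("#"):
            user, _, value = line.partition("=")
            roles[user.strip()] = {r.strip() for r in value.split(",") if r.strip()}
    return roles

def address_matches(pattern, address):
    """'*' matches exactly one dot-delimited word, '#' zero or more words."""
    def rec(p, a):
        if not p:
            return not a
        if p[0] == "#":  # let '#' swallow anywhere from 0 to len(a) words
            return any(rec(p[1:], a[i:]) for i in range(len(a) + 1))
        return bool(a) and p[0] in ("*", a[0]) and rec(p[1:], a[1:])
    return rec(pattern.split("."), address.split("."))

def effective_permissions(settings, address):
    """Permissions of the single most specific matching block; nothing is inherited."""
    hits = [(m, p) for m, p in settings if address_matches(m, address)]
    if not hits:
        return {}  # no matching block: nothing is granted
    def rank(hit):  # assumed ordering: fewest '#', then fewest '*', then most literal words
        w = hit[0].split(".")
        return (w.count("#"), w.count("*"), -sum(x not in ("#", "*") for x in w))
    return min(hits, key=rank)[1]

def is_allowed(settings, user_roles, user, permission, address):
    """Granted if any of the user's roles is listed; no credentials means DEFAULT_USER."""
    roles = user_roles.get(DEFAULT_USER if user is None else user, set())
    return bool(roles & effective_permissions(settings, address).get(permission, set()))

def unmatched_roles(settings, user_roles):
    """(granted roles nobody holds, held roles granting nothing): flags europe-user vs europe-users."""
    granted = set().union(*(r for _, perms in settings for r in perms.values()))
    held = set().union(*user_roles.values())
    return sorted(granted - held), sorted(held - granted)
```

With the chapter&apos;s own files, <code>andrew</code> is denied <code>send</code> on <code>globalqueues.europe.orders.plastics</code> because his role is spelled <code>europe-user</code>, and <code>guest</code> has no entry at all, so unauthenticated sessions get nothing.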
</section>
</div>
</div>
</div>
</div>
</div>
<script src="gitbook/app.js"></script>
<script>
require(["gitbook"], function(gitbook) {
var config = {"fontSettings":{"theme":null,"family":"sans","size":2}};
gitbook.start(config);
});
</script>
</body>
</html>