beautypg.com

4 security, Authentication, Simple authentication plugin – HP Integrity NonStop H-Series User Manual

Page 42

background image

4 Security

This chapter describes the various security methods implemented in NSMQ.

Security in NSMQ consists of:

Authentication

Authorization

Secure Socket Layer (SSL)

Authentication

The authentication between the brokers and producers and consumers is implemented with the
combination of username and password while creating the connection. The authentication in
NSMQ is implemented using the following methods:

Simple authentication plugin

Using this plugin, you can define users and groups directly by adding a
simpleAuthenticationPlugin

element into the broker's XML configuration file. When a client

connects to a broker, it is validated with the username and password combination provided in this
file.

You can also grant anonymous access by adding the anonymousAccessAllowed attribute and
setting it to true in the simpleAuthenticationPlugin element.

To enable simpleAuthenticationPlugin, configure the
activemqNonPersistent.template

and activemqPersistent.template files located

at /nsmq/T0975H01 folder as follows:

1.

Remove the comment for the element.

2.

Comment out the and the
within the element.

Now, only the is enabled. The default users are as
mentioned in the activemqNonPersistent.template and
activemqPersistent.template

files. You must provide the username and password

while creating a JMS connection.

3.

By default anonymousAccessAllowed attribute of the
element is set to true. This implies that a valid JMS connection can be acquired even without
user credentials. If you set this attribute to false, then only the users specified in the

element can access JMS.

The following code snippet is an example of the simpleAuthenticationPlugin.







CAUTION:

If you enable anonymous access without authorization, any client can access the

broker. HP recommends that you also enable authorization when enabling anonymous access.

Java Authentication and Authorization Service (JAAS) plugin

The JAAS plugin is configured using a login configuration file, login.config. This file is located
by setting the java system property java.security.auth.login.config to point to it. If the
system property is not specified, the broker looks for the login.config file specified by the

42

Security

This manual is related to the following products:
See also other documents in the category HP Computer hardware: