JMS Bridge using JAAS Cert login

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

JMS Bridge using JAAS Cert login

james.menzies
Hi,

I'm trying to connect 2 instances of Avtivemq 5.14.0 together using a JMS
bridge. I am also using the JaasCertificateAuthenticationPlugin.

One broker has no JMS bridge configuration but is using the
JaasCertificateAuthenticationPlugin and is using an SSLContext.

The second broker is using a basic JMS bridge (detailed below) which just
forwards a local queue to a remote queue. It uses the
ActiveMQConnectionFactory as the remote factory. This also uses
JaasCertificateAuthenticationPlugin and an SSLContext.

<bean id="remoteFactory"
class="org.apache.activemq.ActiveMQConnectionFactory">
  <property name="brokerURL" value="amqps://hostname:5671"/>
</bean>


<jmsBridgeConnectors>
  <jmsQueueConnector outboundQueueFactory="#remotefactory">
     <outboundQueueBridges>
       <outboundQueueBridge localQueueName="local.test.queue"
outboundQueueName="remote.test.queue"/>
     </outboundQueueBridges>
   <jmsQueueConnector>
<jmsBridgeConnectors>


The certificates being used are valid and should allow a connection.

When I try and start the second broker I recieve a "Security error occured
on connection to: vm://activeBroker#1, Unable to authenticate transport
without SSL certificate"

To make this slightly more complicated I am using my own login module,
defined in the login.config file. Although this shouldn't change the
behaviour of the broker. All it does is check for each message whether the
DN of the producer is on a per queue ACL list. However, this does not affect
the SSL connection and so anyone with a valid cert should be able to connect
in the first place.

Any help would be greatly appricated.
Thanks,
James



--
Sent from: http://activemq.2283324.n4.nabble.com/ActiveMQ-User-f2341805.html