ActiveMQ-自定义用户验证-白红宇

ActiveMQ-自定义用户验证

阅读量：6993 次

发布时间：2019-06-27

本文共 6442 字，大约阅读时间需要 21 分钟。

ActiveMQ采用plugin方式扩展方法，下面是如何使用plugin方式进行自定义的登录方式。

准备创建mysql数据库保存用户，密码，权限等信息。

多台MQ服务器加入自定义的plugin插件，通过这个plugin访问mysql服务器进行登录与授权操作。

一、plugin基本结构与配置

具体代码如下：

public class AuthPlugin implements BrokerPlugin {    @Override    public Broker installPlugin(Broker broker) throws Exception {        return new AuthBroker(broker);    }}public class AuthBroker extends AbstractAuthenticationBroker {    private static Log log = LogFactory.getLog(AuthBroker.class);    public AuthBroker(Broker next) {        super(next);    }    @Override    public void addConnection(ConnectionContext context, ConnectionInfo info) throws Exception {        log.debug("addConnection");        SecurityContext securityContext = context.getSecurityContext();        if (securityContext == null) {            securityContext = authenticate(info.getUserName(), info.getPassword(), null);            context.setSecurityContext(securityContext);            securityContexts.add(securityContext);        }                try {            super.addConnection(context, info);        } catch (Exception e) {            securityContexts.remove(securityContext);            context.setSecurityContext(null);            throw e;        }    }        @Override    public SecurityContext authenticate(String username, String password, X509Certificate[] peerCertificates) throws SecurityException {        SecurityContext securityContext = null;        if("admin".equals(username)&&"1234".equals(password)){             securityContext = new SecurityContext(username) {                    @Override                    public Set
     
       getPrincipals() {                        Set
      
        groups = new HashSet
       
        ();                        groups.add(new GroupPrincipal("users"));                        return groups;                    }                };        }else{            throw new SecurityException("验证失败");        }        return securityContext;    }}

安装插件的步骤如下:

1.将代码导出jar

2.将jar包拷贝到activemq目录下的lib目录下

3.修改activemq\conf\activemq.xml

　　在broker中加入


     
      //...

4.修改activemq/conf/log4j.properties。日志文件目录在activemq/data/activemq.log

log4j.rootLogger=INFO, console, logfilelog4j.logger.org.apache.activemq.spring=WARNlog4j.logger.org.apache.activemq.web.handler=WARNlog4j.logger.org.springframework=WARNlog4j.logger.org.apache.xbean=WARNlog4j.logger.org.apache.camel=INFOlog4j.logger.org.eclipse.jetty=WARNlog4j.logger.com.test.activemq=DEBUG

5.重启activemq服务。

二、集成mysql

1.将mysql-connector-java-5.1.20.jar复制到activemq\lib目录下

2.数据库操作采用spring-jdbc的方式，需要将spring-jdbc-4.1.9.RELEASE.jar复制到activemq\lib\optional目录下(spring-jdbc的版本应与lib\optional其他的spring相同)

3.修改activemq\conf\activemq.xml文件


     
          //...

4.修改activemq\conf\activemq.xml文件的PropertyPlaceholderConfigurer


     
          //...    
              
                   
                        
         
          file:${activemq.conf}/credentials.properties
                         
         
          file:${activemq.conf}/db.properties

5.增加activemq\conf\activemq.xml文件的<broker>

6.AuthPlugin的代码如下:

public class AuthPlugin implements BrokerPlugin {    JdbcTemplate jdbcTemplate;//注入了spring-jdbc    public AuthPlugin(JdbcTemplate jdbcTemplate) {        this.jdbcTemplate=jdbcTemplate;    }    @Override    public Broker installPlugin(Broker broker) throws Exception {        return new AuthBroker(broker,jdbcTemplate);    }}

7.AuthBroker的代码如下:

public class AuthBroker extends AbstractAuthenticationBroker {    private static Log log = LogFactory.getLog(AuthBroker.class);        private JdbcTemplate jdbcTemplate;    public AuthBroker(Broker next,JdbcTemplate jdbcTemplate) {        super(next);        this.jdbcTemplate=jdbcTemplate;    }    /**     *      * 创建连接的时候拦截     * 
     */    @Override    public void addConnection(ConnectionContext context, ConnectionInfo info) throws Exception {        log.debug("addConnection");        SecurityContext securityContext = context.getSecurityContext();        if (securityContext == null) {            securityContext = authenticate(info.getUserName(), info.getPassword(), null);            context.setSecurityContext(securityContext);            securityContexts.add(securityContext);        }                try {            super.addConnection(context, info);        } catch (Exception e) {            securityContexts.remove(securityContext);            context.setSecurityContext(null);            throw e;        }    }    /**     * 得到用户信息     * Title: getUser
     * @param username     * @return     */    private User getUser(String username){        String sql="select * from jh_user where username=? limit 1";        User user=jdbcTemplate.queryForObject(sql,new Object[]{username},new BeanPropertyRowMapper
     
      (User.class));        return user;    }    /**     * 认证     * 
      Title: authenticate
     */    @Override    public SecurityContext authenticate(String username, String password, X509Certificate[] peerCertificates) throws SecurityException {        SecurityContext securityContext = null;        User user=getUser(username);        //验证用户信息        if(user!=null&&user.getPwd().equals(password)){             securityContext = new SecurityContext(username) {                    @Override                    public Set
      
        getPrincipals() {                        Set
       
         groups = new HashSet
        
         ();                        groups.add(new GroupPrincipal("users"));//默认加入了users的组                        return groups;                    }                };        }else{            throw new SecurityException("验证失败");        }        return securityContext;    }}