I install ActiveMQ 5.10 on MacOSX Yosemite. I can change the file jetty-realm.properties to restrict access to Web Console at localhost:8161.
However, when I write Ruby code to connect to the ActiveMQ using Stomp like this:
require 'stomp'
client = Stomp::Client.new('any username', 'any password', 'localhost', 61613)
I can use the client to publish and subscribe to every queue on ActiveMQ server.
Can somebody please suggest a way that I can restrict the access to ActiveMQ server from remote connections.
I have tried the following links, but none of them works: https://security.stackexchange.com/questions/7989/how-to-secure-a-activemq http://activemq.apache.org/version-5-getting-started.html#Version5GettingStarted-ConfiguringActiveMQ http://activemq.apache.org/security.html
I found the answer after playing awhile more and read the whole schema file for broker.
In ActiveMQ 5.10, the broker is put directly in conf/activemq.xml.
First, I solve the problem like this: In activemq.xml, under
<broker>
, I put:So it was the missing
<plugins>
in all the dumb documentations that made the config be useless.Better solution:
I copy the whole
<broker>
section in activemq.xml and place it in a file called broker.xml (You can call it anything, for example apache_dumb_documentation.xml), under a section called<bean>
Then in activemq, in the former place of
<broker>
, I just write: