启动/停止
$ /usr/local/bin/activemq start/stop
web控制台地址:http://localhost:8161
默认端口(8161),配置文件地址:conf/jetty.xml
<!-- the default port number for the web console -->
<property name="host" value="0.0.0.0"/>
<property name="port" value="8161"/>
默认用户名和密码:admin / admin,配置文件地址:conf/users.properties
admin=admin
client默认端口(61616),配置文件地址:conf/activemq.xml
<transportConnectors>
<!-- DOS protection, limit concurrent connections to 1000 and frame size to 100MB -->
<transportConnector name="openwire" uri="tcp://0.0.0.0:61616?maximumConnections=1000&wireFormat.maxFrameSize=104857600"/>
<transportConnector name="amqp" uri="amqp://0.0.0.0:5672?maximumConnections=1000&wireFormat.maxFrameSize=104857600"/>
<transportConnector name="stomp" uri="stomp://0.0.0.0:61613?maximumConnections=1000&wireFormat.maxFrameSize=104857600"/>
<transportConnector name="mqtt" uri="mqtt://0.0.0.0:1883?maximumConnections=1000&wireFormat.maxFrameSize=104857600"/>
<transportConnector name="ws" uri="ws://0.0.0.0:61614?maximumConnections=1000&wireFormat.maxFrameSize=104857600"/>
</transportConnectors>
JAAS认证
1、conf/login.config
activemq {
org.apache.activemq.jaas.PropertiesLoginModule required
org.apache.activemq.jaas.properties.user="users.properties"
org.apache.activemq.jaas.properties.group="groups.properties";
};
2、conf/users.properties
用户名=密码
3、conf/groups.properties
admins=用户名
4、systemUsage标签之前加上conf/activemq.xml
<plugins>
<!--use JAAS to authenticate using the login.config file on the classpath to configure JAAS -->
<jaasAuthenticationPlugin configuration="activemq" />
<!-- lets configure a destination based authorization mechanism -->
<authorizationPlugin>
<map>
<authorizationMap>
<authorizationEntries>
<!-- >表示通配符,例如USERS.>表示以USERS.开头的主题,>表示所有主题,read表示读的权限,write表示写的权限,admin表示是否能创建-->
<authorizationEntry queue=">" read="admins" write="admins" admin="admins" />
<authorizationEntry topic=">" read="admins" write="admins" admin="admins" />
<authorizationEntry queue="ActiveMQ.Advisory.>" read="tests" write="tests" admin="tests" />
<authorizationEntry topic="ActiveMQ.Advisory.>" read="tests" write="tests" admin="tests" />
<!-- tests组具有tests.>的queue和topic的所有权限,没有其他的权限 -->
<authorizationEntry queue="test.>" read="tests" write="tests" admin="tests" />
<authorizationEntry topic="test.>" read="tests" write="tests" admin="tests" />
</authorizationEntries>
</authorizationMap>
</map>
</authorizationPlugin>
</plugins>
read:可以从queue或者topic里面接收消息
write:可以向queue或者topic发送消息
admin:可以创建queue或者topic
例:
<authorizationEntry queue=">" read="admins" write="admins" admin="admins" />
">"是通配符的意思,也就是admins组的角色,拥有read、write、admin的权限。
<authorizationEntry queue="USERS.>" read="users" write="admins" admin="admins" />
queue名称以"USERS."开头的,users组只拥有读权限,即只能收消息,不能发消息。