|
|
PHP Security
PHP client is able to work with secured brokers, correctly applying their authentication and authorization policies. For more information on how to secure ActiveMQ broker see http://activemq.apache.org/security.html.
 | Availability Stomp security implementation in ActiveMQ is available from version 5.1 onwards. |
Authentication
When connecting to the broker you can specify username and password which will be used to check your privileges against broker's security mechanism.
PHP4 code sample
if (!$conn->connect("dejanb", "test123")) { echo $conn->error . " - " . $conn->exception; trigger_error("Connection failed", E_USER_ERROR); }
In case of unsuccessful authentication, the connect() method will fail.
User name or password is invalid. - java.lang.SecurityException: User name or password is invalid.
at org.apache.activemq.security.SimpleAuthenticationBroker.addConnection(SimpleAuthenticationBroker.java:52)
at org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:81)
at org.apache.activemq.broker.MutableBrokerFilter.addConnection(MutableBrokerFilter.java:91)
at org.apache.activemq.broker.TransportConnection.processAddConnection(TransportConnection.java:656)
at org.apache.activemq.broker.jmx.ManagedTransportConnection.processAddConnection(ManagedTransportConnection.java:86)
at org.apache.activemq.command.ConnectionInfo.visit(ConnectionInfo.java:125)
at org.apache.activemq.broker.TransportConnection.service(TransportConnection.java:280)
at org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:177)
at org.apache.activemq.transport.TransportFilter.onCommand(TransportFilter.java:67)
at org.apache.activemq.transport.stomp.StompTransportFilter.sendToActiveMQ(StompTransportFilter.java:79)
at org.apache.activemq.transport.stomp.ProtocolConverter.sendToActiveMQ(ProtocolConverter.java:128)
at org.apache.activemq.transport.stomp.ProtocolConverter.onStompConnect(ProtocolConverter.java:437)
at org.apache.activemq.transport.stomp.ProtocolConverter.onStompCommad(ProtocolConverter.java:163)
at org.apache.activemq.transport.stomp.StompTransportFilter.onCommand(StompTransportFilter.java:69)
at org.apache.activemq.transport.TransportSupport.doConsume(TransportSupport.java:83)
at org.apache.activemq.transport.tcp.TcpTransport.doRun(TcpTransport.java:189)
at org.apache.activemq.transport.tcp.TcpTransport.run(TcpTransport.java:176)
at java.lang.Thread.run(Thread.java:595)
 | Handling errors For more information on how to handle error/exceptions in PHP4/PHP5 clients, see Handling Errors . |
Authorization
If you use synchronous operations you can handle authorization errors when you try to access (read/write) certain destinations.
PHP4 code sample
if (!$conn->send("/queue/test", "test")) { echo $conn->error . " - " . $conn->exception; trigger_error("Sending failed", E_USER_ERROR); }
In case of error, you can expect the following output
User guest is not authorized to write to: queue://test -
java.lang.SecurityException: User guest is not authorized to write to: queue://test
at org.apache.activemq.security.AuthorizationBroker.send(AuthorizationBroker.java:173)
at org.apache.activemq.broker.MutableBrokerFilter.send(MutableBrokerFilter.java:135)
at org.apache.activemq.broker.TransportConnection.processMessage(TransportConnection.java:433)
at org.apache.activemq.command.ActiveMQMessage.visit(ActiveMQMessage.java:623)
at org.apache.activemq.broker.TransportConnection.service(TransportConnection.java:280)
at org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:177)
at org.apache.activemq.transport.TransportFilter.onCommand(TransportFilter.java:67)
at org.apache.activemq.transport.stomp.StompTransportFilter.sendToActiveMQ(StompTransportFilter.java:79)
at org.apache.activemq.transport.stomp.ProtocolConverter.sendToActiveMQ(ProtocolConverter.java:128)
at org.apache.activemq.transport.stomp.ProtocolConverter.onStompSend(ProtocolConverter.java:222)
at org.apache.activemq.transport.stomp.ProtocolConverter.onStompCommad(ProtocolConverter.java:149)
at org.apache.activemq.transport.stomp.StompTransportFilter.onCommand(StompTransportFilter.java:69)
at org.apache.activemq.transport.TransportSupport.doConsume(TransportSupport.java:83)
at org.apache.activemq.transport.tcp.TcpTransport.doRun(TcpTransport.java:189)
at org.apache.activemq.transport.tcp.TcpTransport.run(TcpTransport.java:176)
at java.lang.Thread.run(Thread.java:595)User guest is not authorized to read from: queue://test
User guest is not authorized to read from: queue://test
| Handling errors For more information on how to handle error/exceptions in PHP4/PHP5 clients, see Handling Errors . |
Copyright 2003-2006 - The Codehaus. All rights reserved unless otherwise noted.
Powered by Atlassian Confluence
[ edit ]