ActivityMQ的自定義安全插件

---

上一節提到了ActivityMQ的兩種安全插件

• Simple Authentication(簡單的身份驗證)

• JAAS authentication(JAAS身份驗證)

最先考慮的應該是實現JAAS身份認證，如果一些需求JAAS不能滿足的話，就要采取自定義安全插件的方法

---

1.首先寫一個自定義的Broker，繼承BrokerFilter，實現addConnection方法，實現的功能是只允許特定的ip訪問Broker

public class IPAuthenticationBroker extends BrokerFilter { List<String> allowedIPAddresses; Pattern pattern = Pattern.compile("^/([0-9\\.]*):(.*)"); public IPAuthenticationBroker(Broker next, List<String>allowedIPAddresses) {super(next);this.allowedIPAddresses = allowedIPAddresses; } public void addConnection(ConnectionContextcontext, ConnectionInfo info) throws Exception { Filter connections based on IP addressString remoteAddress = context.getConnection().getRemoteAddress(); Matcher matcher = pattern.matcher(remoteAddress);if (matcher.matches()) {String ip = matcher.group(1);if (!allowedIPAddresses.contains(ip)) {throw new SecurityException("Connecting from IP address "+ ip + " is not allowed" ); } } else {throw new SecurityException("Invalid remote address "+ remoteAddress); }super.addConnection(context, info);} }

---

2.然后寫一個自定義插件類，實現BrokerPlugin的installPlugin方法

注意：這個方法返回一個BrokerFilter的實現類，可以理解這里有很多個Filter，每次Broker經過一個Filter返回他自己，在經過下一個Filter再返回他自己，這點與javaee的controller是一樣的；還有一定要有構造函數參數的getter和setter方法，和spring注入一致

public class IPAuthenticationPlugin implements BrokerPlugin { List<String> allowedIPAddresses; public Broker installPlugin(Broker broker) throws Exception { return new IPAuthenticationBroker(broker, allowedIPAddresses); }public List<String> getAllowedIPAddresses() {return allowedIPAddresses; } Create instance of custom classpublic void setAllowedIPAddresses(List<String> allowedIPAddresses) { this.allowedIPAddresses = allowedIPAddresses; } }

---

3.接著我們只需要把這個plugin添加到activitymq.xml中就可以了

<broker xmlns="http://activemq.apache.org/schema/core" brokerName="localhost" dataDirectory="${activemq.base}/data"><plugins><bean xmlns="http://www.springframework.org/schema/beans" id="ipAuthenticationPlugin" class="org.apache.activemq.book.ch6.IPAuthenticationPlugin"><property name="allowedIPAddresses"><list><value>127.0.0.1</value></list></bean></plugins></property> </broker>

當然，這個maven項目也要mvn clean install，打包到maven倉庫里面，然后把ipAuthenticationPlugin的類的路徑改掉就能正常運行了

總結

以上是生活随笔為你收集整理的ActiveMQ的自定义安全插件(十)的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。