Related abbreviation
| abbreviation | explain |
|---|---|
| MQ | In this article, we specifically refer to Apache ActiveMQ |
| $ACTIVEMQ_HOME | MQ installation directory |
Modify the console login password of MQ
Since MQ is started in the jetty container, you only need to change the following two places to change the console password of MQ.
- Enter the configuration file directory CD $ActiveMQ of MQ_ HOME/conf
- edit jetty.xml The authentication attribute under the securityConstraintBean in is true, as shown in the figure:
The authenticate attribute in higher version MQ is true by default, which can be modified without modification
- After the authentication property mentioned in the previous step is set to true, the user name / password for console login is jetty in the same level directory- realm.properties The user name / password configuration format of the configuration file is as follows
username: password [,rolename ...]
So the password is after the colon, and the permission name of the user after the comma, as shown in the figure: don't change it
- Save and restart after modification, http://localhost:8161/admin.
Modify the topic of MQ and the username and password of the queue
Next, we modify the password we use to connect to MQ queue / theme in the code. By default, MQ does not need a user name / password when accessing the theme / queue. Of course, you can test it if you don't believe it.
Let's start to modify this configuration to improve the security of our system.
- The first step is to enter the configuration file directory CD $ActiveMQ of MQ_ HOME/conf
- modify activemq.xml , add the following to the location as shown in the figure
<plugins> <!-- Configure authentication; Username, passwords and groups --> <simpleAuthenticationPlugin> <users> <!-- Two variables are referenced here. They are credentials.properties Maintain in file --> <authenticationUser username="${activemq.username}" password="${activemq.password}" groups="admins"/> </users> </simpleAuthenticationPlugin> </plugins>
- The corresponding user name and password are in conf/credentials.properties Maintain in file
## ---------------------------------------------------------------------------
## Licensed to the Apache Software Foundation (ASF) under one or more
## contributor license agreements. See the NOTICE file distributed with
## this work for additional information regarding copyright ownership.
## The ASF licenses this file to You under the Apache License, Version 2.0
## (the "License"); you may not use this file except in compliance with
## the License. You may obtain a copy of the License at
##
## http://www.apache.org/licenses/LICENSE-2.0
##
## Unless required by applicable law or agreed to in writing, software
## distributed under the License is distributed on an "AS IS" BASIS,
## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
## See the License for the specific language governing permissions and
## limitations under the License.
## ---------------------------------------------------------------------------
# Defines credentials that will be used by components (like web console) to access the broker
# User name (corresponding to activemq.xml Variables for newly added content in${ activemq.username })
activemq.username=system
# Password (corresponding to activemq.xml Variables for newly added content in${ activemq.password })
activemq.password=manager
guest.password=password
- After modifying the configuration, saving and restarting MQ will take effect. Test it with your hands.