How to configure ActiveMQ to assign an 'anonymous' user and role to non-authenticated users
Question
I wish to set up a ActiveMQ instance (primarily as a STOMP server) which will service requests from two types of clients:
- authenticated users which can read and write to topics
- non-authenticated users which can only read from topics
I have been using the SimpleAuthenticationBroker so far and I cannot see anyway to configure the above situation, nor do I see any bit in the code which recognises a wildcard for a user to pass authentication.
If I configure the server to use the authentication broker, it will expect ALL connections to authenticate, which is what I don't want.
The only solution I think I can see is to provide my own implementation to support the functionality I require, but I would love to find some way built into the server.
Solution
This is not currently supported by ActiveMQ security implementation, but you can always define a user that can connect without a password with read-only privileges.
You can raise Jira enhancement request (https://issues.apache.org/activemq/browse/AMQ) for this non-authenticated users feature and better yet provide a patch for current plugins.
OTHER TIPS
This feature is now available as of ActiveMQ 5.4, as I've just found when searching for the same functionality: http://activemq.apache.org/security.html
As of ActiveMQ 5.4, you can set it up in the following way. find the
<plugins>
...
</plugins>
section in the etc/activemq.xml
file and edit it to contain the simpleAuthenticationPlugin like this:
<simpleAuthenticationPlugin anonymousAccessAllowed="true" />