Uploaded image for project: 'AMQ Broker'
  1. AMQ Broker
  2. ENTMQBR-1060

Unable to access to AMQ7.1 Management Console in read-only mode

    XMLWordPrintable

Details

    Description

      As administrator I want to create a monitor role to allow access to Management Console only to view and read the status of any objects.

      As administrator I am using roles to manage queues and topics successfully but I would like to have users to monitor the broker with the Management Console.

      At this moment I created a role and I updated the following files as:

      etc/artemis.profile: Changed the roles allowed to access:

      -Dhawtio.roles=amq,monitor

      etc/management.xml: Allowed methods for each method:

      <default-access>
 <access method="list*" roles="amq,monitor"/>
 <access method="get*" roles="amq,monitor"/>
 <access method="is*" roles="amq,monitor"/>
 <access method="set*" roles="amq"/>
 <access method="*" roles="amq"/>
</default-access>
<role-access>
 <match domain="org.apache.activemq.artemis">
 <access method="list*" roles="amq,monitor"/>
 <access method="get*" roles="amq,monitor"/>
 <access method="is*" roles="amq,monitor"/>
 <access method="set*" roles="amq"/>
 <access method="*" roles="amq"/>
 </match>
</role-access>

      With these changes I could login as monitor user however I found a lot of errors as:

      ERROR: Insufficient roles/credentials for operation (class java.lang.SecurityException)

      Attachments

        Issue Links

          is duplicated by

          Bug - A problem that impairs or prevents the functions of the product. ENTMQBR-1204 make sure access methods are ordered when used

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed
          relates to

          Bug - A problem that impairs or prevents the functions of the product. ENTMQBR-944 [AMQ7, Hawtio, RBAC] User gets no feedback if operation access was denied by RBAC

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed
          is caused by

          ARTEMIS-1736 Loading...

          Activity

            People

              rh-ee-ataylor Andy Taylor
              rmarting@redhat.com Roman Martin Gil
              Roman Vais Roman Vais
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: