  1. AMQ Broker
  2. ENTMQBR-5633

The message broker allows unauthorised users to purge messages


    • Bug
    • Resolution: Not a Bug
    • Major
    • AMQ 7.9.0.GA
    • broker-core
      • Please create a user, 'scott', with the password 'tiger' and then assign the 'acme' role
      • Please add the following security settings to the broker configuration:
          <security-setting match="TEST.#">
             <permission type="createNonDurableQueue" roles="amq"/>
             <permission type="deleteNonDurableQueue" roles="amq"/>
             <permission type="createDurableQueue" roles="amq"/>
             <permission type="deleteDurableQueue" roles="amq"/>
             <permission type="createAddress" roles="amq"/>
             <permission type="deleteAddress" roles="amq"/>
             <permission type="consume" roles="amq, acme"/>
             <permission type="browse" roles="amq, acme"/>
             <permission type="send" roles="amq, acme"/>
             <permission type="manage" roles="amq"/>
          </security-setting>
          <security-setting match="activemq.management.#">
             <permission type="createNonDurableQueue" roles="amq, acme"/>
             <permission type="deleteNonDurableQueue" roles="amq, acme"/>
             <permission type="createDurableQueue" roles="amq"/>
             <permission type="deleteDurableQueue" roles="amq"/>
             <permission type="createAddress" roles="amq, acme"/>
             <permission type="deleteAddress" roles="amq"/>
             <permission type="consume" roles="amq, acme"/>
             <permission type="browse" roles="amq, acme"/>
             <permission type="send" roles="amq, acme"/>
             <permission type="manage" roles="amq, acme"/>
          </security-setting>
      • Please define an anycast queue, 'samplequeue':
          <address name="samplequeue">
             <anycast>
                <queue name="samplequeue" />
             </anycast>
          </address>
      • Please try to consume messages from the newly defined user/role: scott/tiger. The broker would not allow the user scott to consume messages.
          $ ./artemis consumer --message-count 2 --destination queue://samplequeue --user scott --password tiger --verbose

      Output:

      Consumer ActiveMQQueue[samplequeue], thread=0 wait until 2 messages are consumed
      javax.jms.JMSSecurityException: AMQ229213: User: scott does not have permission='CONSUME' for queue samplequeue on address samplequeue
       at org.apache.activemq.artemis.core.protocol.core.impl.ChannelImpl.sendBlocking(ChannelImpl.java:549)
       at org.apache.activemq.artemis.core.protocol.core.impl.ChannelImpl.sendBlocking(ChannelImpl.java:443)
       at org.apache.activemq.artemis.core.protocol.core.impl.ActiveMQSessionContext.createConsumer(ActiveMQSessionContext.java:391)
       at org.apache.activemq.artemis.core.client.impl.ClientSessionImpl.internalCreateConsumer(ClientSessionImpl.java:2012)
       at org.apache.activemq.artemis.core.client.impl.ClientSessionImpl.createConsumer(ClientSessionImpl.java:887)
       at org.apache.activemq.artemis.core.client.impl.ClientSessionImpl.createConsumer(ClientSessionImpl.java:835)
       at org.apache.activemq.artemis.jms.client.ActiveMQSession.createClientConsumer(ActiveMQSession.java:945)
       at org.apache.activemq.artemis.jms.client.ActiveMQSession.createConsumer(ActiveMQSession.java:825)
       at org.apache.activemq.artemis.jms.client.ActiveMQSession.createConsumer(ActiveMQSession.java:475)
       at org.apache.activemq.artemis.jms.client.ActiveMQSession.createConsumer(ActiveMQSession.java:447)
       at org.apache.activemq.artemis.cli.commands.messages.ConsumerThread.consume(ConsumerThread.java:177)
       at org.apache.activemq.artemis.cli.commands.messages.ConsumerThread.run(ConsumerThread.java:67)
      Caused by: ActiveMQSecurityException[errorType=SECURITY_EXCEPTION message=AMQ229213: User: scott does not have permission='CONSUME' for queue samplequeue on address samplequeue]
       ... 12 more
      Consumer ActiveMQQueue[samplequeue], thread=0 Consumer thread finished
      
      • Now, please try to purge messages using the user scott; the broker would allow the user scott to purge messages:
          $ ./artemis queue purge --name samplequeue --user scott --password tiger --verbose

      Output:

      Oct. 21, 2021 12:03:49 PM java.lang.System$LoggerFinder lambda$accessProvider$0
      WARNING: Failed to instantiate LoggerFinder provider; Using default.
      Executing org.apache.activemq.artemis.cli.commands.queue.PurgeQueue queue purge --name samplequeue --user scott --password tiger --verbose 
      Home::/home/bershath/apps/amq/broker/amq-broker-7.9.0, Instance::/home/bershath/apps/amq/broker/amq-broker-7.9.0/bin/jms
      Connection brokerURL = tcp://localhost:61616
      Queue samplequeue purged successfully.

      The message broker allows users with insufficient privileges to purge messages from an anycast Queue.
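
An added example, not part of the original report or of the AMQ Broker code base: a small audit of the two security-setting blocks from the steps above (reduced to `consume` and `manage`) that lists which settings cover a given address and which roles may send management messages. It assumes the Artemis default wildcard syntax and management address `activemq.management`, that the CLI purge is carried out as a management operation, and that `amq` is the only role meant to administer the broker; the function names are hypothetical.

```python
import xml.etree.ElementTree as ET

# Constructed input: the two security-setting blocks from the report,
# reduced to the consume and manage permissions.
SETTINGS = """<security-settings>
  <security-setting match="TEST.#">
    <permission type="consume" roles="amq, acme"/>
    <permission type="manage" roles="amq"/>
  </security-setting>
  <security-setting match="activemq.management.#">
    <permission type="consume" roles="amq, acme"/>
    <permission type="manage" roles="amq, acme"/>
  </security-setting>
</security-settings>"""

MANAGEMENT_ADDRESS = "activemq.management"  # assumed: Artemis default

def matches(pattern, address):
    """Default wildcards: '.' splits words, '*' is one word, '#' is zero or more."""
    def walk(p, a):
        if not p:
            return not a
        if p[0] == "#":
            return any(walk(p[1:], a[i:]) for i in range(len(a) + 1))
        return bool(a) and p[0] in ("*", a[0]) and walk(p[1:], a[1:])
    return walk(pattern.split("."), address.split("."))

def grants(xml_text, permission, address):
    """Map each setting whose match covers `address` to the roles it gives `permission`."""
    out = {}
    for setting in ET.fromstring(xml_text).iter("security-setting"):
        if matches(setting.get("match"), address):
            out[setting.get("match")] = {
                role.strip()
                for perm in setting.iter("permission") if perm.get("type") == permission
                for role in perm.get("roles", "").split(",") if role.strip()
            }
    return out

def untrusted_managers(xml_text, trusted=("amq",)):
    """Roles outside `trusted` (assumed admin roles) that may send management messages."""
    granted = grants(xml_text, "manage", MANAGEMENT_ADDRESS).values()
    return set().union(*granted) - set(trusted)

if __name__ == "__main__":
    print("settings covering samplequeue:", grants(SETTINGS, "consume", "samplequeue"))
    print("non-admin roles with manage:", untrusted_managers(SETTINGS))
```

On the report's configuration, neither setting covers `samplequeue`, and `acme` is reported as a non-admin role holding `manage` on the management address.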

            rhn-support-jbertram Justin Bertram
            rhn-support-tywickra Tyronne Wickramarathne