6.5 小结
6.5 Summary
6.5 小结
?
In this chapter, the ActiveMQ broker was secured from non-authenticated and nonauthorized
access. For the most simple purposes, you can use the ActiveMQ simple
authentication plug-in, allowing you to define security credentials directly into the
configuration file. The ActiveMQ JAAS plug-ins provide the ability to utilize the standardized
Java login modules via simple configuration, allowing you to authenticate
users from various sources, such as LDAP, properties files, and so on. Additionally, custom
JAAS login modules can be created for use with other authentication or authorization
schemes such as Kerberos, NTLM, NIS, and so forth.
?
本章中,ActiveMQ代理使用了安全机制以避免对未认证实体对ActiveMQ代理进行未授权访问.大多数情况下,
你可以使用ActiveMQ的简单认证插件,该插件允许直接在配置文件中定义安全凭证.使用JAAS插件通过简单
的配置就可以已用标准的Java登陆模块对来自各种地方的用户进行认证,包含LDAP,属性文件等等.另外,也
可以创建并使用采用了诸如Kerberos, NTLM, NIS等认证授权策略的自定义JAAS登陆模块.
?
Operation-level authorization was also demonstrated for more fine-grained control
over destinations. Next we demonstrated message-level authorization by creating a custom
policy to control consumption of a given message. Then we demonstrated the
ActiveMQ plug-in mechanism through the customized IP-based authentication example.
Finally, we demonstrated how to configure the broker for certificate-based security.
ActiveMQ provides some powerful security mechanisms, as seen in this chapter.
Hopefully the process for utilizing these solutions is more clear after walking through
the examples.
?
为进行更细粒度的访问控制,本周还介绍了操作级别的授权.接着,我们介绍了消息基本的授权--通过创建
一个自定义的策略来控制对特定消息的消费.然后,我们通过一个基于客户端IP地址验证的例子介绍了
ActiveMQ的插件机制.最后,我们介绍了如何配置基于证书安全机制.通过本章内容,我们可以看到ActiveMQ
提供了很多功能强大的安全方面的解决方案,希望了解完上面介绍的例子后,你能够清楚的知道使用这些
的具体流程.
?
With this chapter, we’ve finished the first part of the book that explained ActiveMQ
basics and various concepts regarding configuring the broker. In the following part of
the book, we’ll concentrate more on how to write applications that utilize ActiveMQ. In
particular, the following chapter focuses on topics such as embedding ActiveMQ in your
Java applications and using the Spring framework to write JMS-oriented applications.
?
到本章为止,我们已经完成本书的第一部分,介绍了ActiveMQ的基础知识和各种基本概念包括代理的
配置.本书接下来的内容将集中介绍如何利用ActiveMQ编写应用程序.特别是接下来的章节,我们将
介绍一些如何将ActiveMQ嵌入到应用程序中以及如何利用Spring框架编写面向消息的应用程序.
