Logsta sh подключается к очереди JBoss, вызывая «AMQ119031 Невозможно проверить пользователя»

Question

Я пытаюсь подключиться к удаленной очереди на JBoss EAP 7.1 с logsta sh. Я уже сделал пользователя приложения и назначил ему роль guest, используя add-user.sh, но всякий раз, когда я пытаюсь подключиться к очереди, я получаю ошибку AMQ119031 Unable to validate user, здесь мои настройки из logstash.conf:

input {
    jms {
        # Logstash Configuration Settings. 
        include_header => false
        include_properties => false
        include_body => true
        use_jms_timestamp => false
        destination => "AuditTrailMDB"
        pub_sub => false
        # JNDI Settings
        jndi_name => 'jms/RemoteConnectionFactory'
        jndi_context => { 
            'java.naming.factory.initial' => org.wildfly.naming.client.WildFlyInitialContextFactory
            'java.naming.security.principal' => 'admin'
            'java.naming.provider.url' => 'http-remoting://127.0.0.1:8080'
            'java.naming.security.credentials' => 'admin'
        }
        # Jar files to be imported
        require_jars=> ['/home/Alternant/logstash/dependencies/wildfly-client-all-7.1.0.GA-redhat-11.jar']
    }
 } 

 output {
     stdout{}
 }

standalone.xml:

<subsystem xmlns="urn:jboss:domain:messaging-activemq:2.0">
    <server name="default">
        <security-setting name="#">
            <role name="guest" send="true" consume="true" create-non-durable-queue="true" delete-non-durable-queue="true"/>
        </security-setting>
        <address-setting name="#" dead-letter-address="jms.queue.DLQ" expiry-address="jms.queue.ExpiryQueue" max-size-bytes="10485760" page-size-bytes="2097152" message-counter-history-day-limit="10"/>
        <http-connector name="http-connector" socket-binding="http" endpoint="http-acceptor"/>
        <http-connector name="http-connector-throughput" socket-binding="http" endpoint="http-acceptor-throughput">
            <param name="batch-delay" value="50"/>
        </http-connector>
        <remote-connector name="netty" socket-binding="remote-messaging"/>
        <in-vm-connector name="in-vm" server-id="0">
            <param name="buffer-pooling" value="false"/>
        </in-vm-connector>
        <http-acceptor name="http-acceptor" http-listener="default"/>
        <http-acceptor name="http-acceptor-throughput" http-listener="default">
            <param name="batch-delay" value="50"/>
            <param name="direct-deliver" value="false"/>
        </http-acceptor>
        <remote-acceptor name="netty" socket-binding="messaging"/>
        <in-vm-acceptor name="in-vm" server-id="0">
            <param name="buffer-pooling" value="false"/>
        </in-vm-acceptor>
        <jms-queue name="ExpiryQueue" entries="java:/jms/queue/ExpiryQueue"/>
        <jms-queue name="DLQ" entries="java:/jms/queue/DLQ"/>
        <jms-queue name="clientPending" entries="queue/clientPending"/>
        <jms-queue name="AuditTrailMDB" entries="queue/AuditTrailMDB java:jboss/exported/AuditTrailMDB"/>
        <connection-factory name="InVmConnectionFactory" entries="java:/ConnectionFactory" connectors="in-vm"/>
        <connection-factory name="RemoteConnectionFactory" entries="java:jboss/exported/jms/RemoteConnectionFactory" connectors="http-connector"/>
        <connection-factory name="ApplicationsQueueConnectionFactory" entries="/ApplicationsQueueConnectionFactory" connectors="in-vm"/>
        <pooled-connection-factory name="activemq-ra" entries="java:/JmsXA java:jboss/DefaultJMSConnectionFactory" connectors="in-vm" transaction="xa"/>
    </server>
</subsystem>

А для журнала

[main] JMS Consumer Died {:exception=>"Java::JavaxJms::JMSSecurityException", :exception_message=>"AMQ119031: Unable to validate user", :backtrace=>["org.apache.activemq.artemis.core.protocol.core.impl.ChannelImpl.sendBlocking(org/apache/activemq/artemis/core/protocol/core/impl/ChannelImpl.java:404)", "org.apache.activemq.artemis.core.protocol.core.impl.ChannelImpl.sendBlocking(org/apache/activemq/artemis/core/protocol/core/impl/ChannelImpl.java:315)", "org.apache.activemq.artemis.core.protocol.core.impl.ActiveMQClientProtocolManager.createSessionContext(org/apache/activemq/artemis/core/protocol/core/impl/ActiveMQClientProtocolManager.java:288)", "org.apache.activemq.artemis.core.protocol.core.impl.ActiveMQClientProtocolManager.createSessionContext(org/apache/activemq/artemis/core/protocol/core/impl/ActiveMQClientProtocolManager.java:237)", "org.apache.activemq.artemis.core.client.impl.ClientSessionFactoryImpl.createSessionChannel(org/apache/activemq/artemis/core/client/impl/ClientSessionFactoryImpl.java:1284)", "org.apache.activemq.artemis.core.client.impl.ClientSessionFactoryImpl.createSessionInternal(org/apache/activemq/artemis/core/client/impl/ClientSessionFactoryImpl.java:670)", "org.apache.activemq.artemis.core.client.impl.ClientSessionFactoryImpl.createSession(org/apache/activemq/artemis/core/client/impl/ClientSessionFactoryImpl.java:295)", "org.apache.activemq.artemis.jms.client.ActiveMQConnection.authorize(org/apache/activemq/artemis/jms/client/ActiveMQConnection.java:671)", "org.apache.activemq.artemis.jms.client.ActiveMQConnectionFactory.createConnectionInternal(org/apache/activemq/artemis/jms/client/ActiveMQConnectionFactory.java:791)", "org.apache.activemq.artemis.jms.client.ActiveMQConnectionFactory.createConnection(org/apache/activemq/artemis/jms/client/ActiveMQConnectionFactory.java:265)", "org.apache.activemq.artemis.jms.client.ActiveMQConnectionFactory.createConnection(org/apache/activemq/artemis/jms/client/ActiveMQConnectionFactory.java:260)", "java.lang.reflect.Method.invoke(java/lang/reflect/Method.java:498)", "org.jruby.javasupport.JavaMethod.invokeDirectWithExceptionHandling(org/jruby/javasupport/JavaMethod.java:440)"

JBoss log:

12:09:17,956 ERROR [org.apache.activemq.artemis.core.server] (default I/O-3) AMQ224018: Failed to create session: ActiveMQSecurityException[errorType=SECURITY_EXCEPTION message=AMQ119031: Unable to validate user]
    at org.apache.activemq.artemis.core.security.impl.SecurityStoreImpl.authenticate(SecurityStoreImpl.java:144)
    at org.apache.activemq.artemis.core.server.impl.ActiveMQServerImpl.createSession(ActiveMQServerImpl.java:1283)
    at org.apache.activemq.artemis.core.protocol.core.impl.ActiveMQPacketHandler.handleCreateSession(ActiveMQPacketHandler.java:158)
    at org.apache.activemq.artemis.core.protocol.core.impl.ActiveMQPacketHandler.handlePacket(ActiveMQPacketHandler.java:81)
    at org.apache.activemq.artemis.core.protocol.core.impl.ChannelImpl.handlePacket(ChannelImpl.java:633)
    at org.apache.activemq.artemis.core.protocol.core.impl.RemotingConnectionImpl.doBufferReceived(RemotingConnectionImpl.java:379)
    at org.apache.activemq.artemis.core.protocol.core.impl.RemotingConnectionImpl.bufferReceived(RemotingConnectionImpl.java:362)
    at org.apache.activemq.artemis.core.remoting.server.impl.RemotingServiceImpl$DelegatingBufferHandler.bufferReceived(RemotingServiceImpl.java:621)
    at org.apache.activemq.artemis.core.remoting.impl.netty.ActiveMQChannelHandler.channelRead(ActiveMQChannelHandler.java:69)
    at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:362)
    at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:348)
    at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:340)
    at io.netty.handler.codec.ByteToMessageDecoder.fireChannelRead(ByteToMessageDecoder.java:293)
    at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:267)
    at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:362)
    at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:348)
    at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:340)
    at io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1334)
    at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:362)
    at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:348)
    at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:926)
    at org.xnio.netty.transport.AbstractXnioSocketChannel$ReadListener.handleEvent(AbstractXnioSocketChannel.java:443)
    at org.xnio.netty.transport.AbstractXnioSocketChannel$ReadListener.handleEvent(AbstractXnioSocketChannel.java:379)
    at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
    at org.xnio.conduits.ReadReadyHandler$ChannelListenerHandler.readReady(ReadReadyHandler.java:66)
    at org.xnio.nio.NioSocketConduit.handleReady(NioSocketConduit.java:89)
    at org.xnio.nio.WorkerThread.run(WorkerThread.java:591)

Answer 1

Вы не передаете учетные данные для JMS. Вы передаете учетные данные для поиска JNDI, но имейте в виду, что JNDI и JMS на 100% независимы друг от друга и поэтому имеют свои собственные учетные данные. Вы должны установить username и password в своем блоке jms в logstash.conf, как указано в документации Logsta sh , например:

jms {
    # Logstash Configuration Settings. 
    include_header => false
    include_properties => false
    include_body => true
    use_jms_timestamp => false
    destination => "AuditTrailMDB"
    pub_sub => false
    # JMS provider credentials
    username => "admin"
    password => "admin"
    # JNDI Settings
    jndi_name => 'jms/RemoteConnectionFactory'
    jndi_context => { 
        'java.naming.factory.initial' => org.wildfly.naming.client.WildFlyInitialContextFactory
        'java.naming.security.principal' => 'admin'
        'java.naming.provider.url' => 'http-remoting://127.0.0.1:8080'
        'java.naming.security.credentials' => 'admin'
    }
    # Jar files to be imported
    require_jars=> ['/home/Alternant/logstash/dependencies/wildfly-client-all-7.1.0.GA-redhat-11.jar']
}

ясно, этот пример конфигурации является лишь примером. Вы должны настроить его так, чтобы использовать соответствующие учетные данные для вашей среды.