Apache
/
activemq-artemis
mirror of https://github.com/apache/activemq-artemis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
activemq-artemis/docs/migration-guide/_authentication.adoc

36 lines
1.8 KiB
Plaintext
Raw Normal View History

ARTEMIS-4383 migrate user docs to AsciiDoc Markdown, which is currently used for user-facing documentation, is good for a lot of things. However, it's not great for the kind of complex documentation we have and our need to produce both multi-page HTML and single-page PDF output via Maven. Markdown lacks features which would make the documentation easier to read, easier to navigate, and just look better overall. The current tool-chain uses honkit and a tool called Calibre. Honkit is written in TypeScript and is installed via NPM. Calibre is a native tool so it must be installed via an OS-specific package manager. All this complexity makes building, releasing, uploading, etc. a pain. AsciiDoc is relatively simple like Markdown, but it has more features for presentation and navigation not to mention Java-based Maven tooling to generate both HTML and PDF. Migrating will improve both the appearance of the documentation as well as the processes to generate and upload it. This commit contains the following changes: - Convert all the Markdown for the User Manual, Migration Guide, and Hacking guide to AsciiDoc via kramdown [1]. - Update the `artemis-website` build to use AsciiDoctor Maven tooling. - Update `RELEASING.md` with simplified instructions. - Update Hacking Guide with simplified instructions. - Use AsciiDoc link syntax in Artemis Maven doc plugin. - Drop EPUB & MOBI docs for User Manual as well as PDF for the Hacking Guide. All docs will be HTML only except for the User Manual which will have PDF. - Move all docs up out of their respective "en" directory. This was a hold-over from when we had docs in different languages. - Migration & Hacking Guides are now single-page HTML since they are relatively short. - Refactor README.md to simplify and remove redundant content. Benefits of the change: - Much simplified tooling. No more NPM packages or native tools. - Auto-generated table of contents for every chapter. - Auto-generated anchor links for every sub-section. - Overall more appealing presentation. - All docs will use the ActiveMQ favicon. - No more manual line-wrapping! AsciiDoc recommends one sentence per line and paragraphs are separated by a blank line. - AsciiDoctor plugins for IDEA are quite good. - Resulting HTML is less than *half* of the previous size. All previous links/bookmarks should continue to work. [1] https://github.com/asciidoctor/kramdown-asciidoc
2023-07-27 23:45:17 -04:00
= Authentication
Now that we have our acceptors and addresses ready, it's time to deal with broker security.
Artemis inherited most of the security concepts from ActiveMQ.
One of the most notable differences is that ActiveMQ _groups_ are now called _roles_ in Artemis.
Besides that things should be pretty familiar to existing ActiveMQ users.
Let's start by looking into the authentication mechanisms and defining users and roles (groups).
Both ActiveMQ and Artemis use JAAS to define authentication credentials.
In ActiveMQ, that's configured through the appropriate broker plugin in `conf/activemq.xml`
[,xml]
----
<plugins>
<jaasAuthenticationPlugin configuration="activemq" />
</plugins>
----
The name of the JAAS domain is specified as a configuration parameter.
In Artemis, the same thing is achieved by defining `<jaas-security>` configuration in `etc/bootstrap.xml`
[,xml]
----
<jaas-security domain="activemq"/>
----
From this point on, you can go and define your users and their roles in appropriate files, like `conf/users.properties` and `conf/groups.properties` in ActiveMQ.
Similarly, `etc/artemis-users.properties` and `etc/artemis-roles.properties` files are used in Artemis.
These files are interchangeable, so you should be able to just copy your existing configuration over to the new broker.
If your deployment is more complicated than this and requires some advanced JAAS configuration, you'll need go and change the `etc/login.config` file.
It's important to say that all custom JAAS modules and configuration you were using in ActiveMQ should be compatible with Artemis.
Finally, in case you're still using ActiveMQ's _Simple Authentication Plugin_, which defines users and groups directly in the broker's xml configuration file, you'll need to migrate to JAAS as Artemis doesn't support the similar concept.