 |  |  |  |  |
| | | | |
 |  |
The simple authentication plug-in provides the quickest way to enable authentication in a broker. With this approach, all of the user data is embedded in the broker configuration file. It is useful for testing purposes and for small-scale systems with relatively few users, but it does not scale well for large systems.
Example 3.1 shows how to configure simple
authentication by adding a simpleAuthenticationPlugin element to the list of
plug-ins in the broker configuration.
Example 3.1. Simple Authentication Configuration
<beans>
<broker ...>
...
<plugins>
<simpleAuthenticationPlugin>
<users>
<authenticationUser username="system"
password="manager"
groups="users,admins"/>
<authenticationUser username="user"
password="password"
groups="users"/>
<authenticationUser username="guest"
password="password"
groups="guests"/>
</users>
</simpleAuthenticationPlugin>
</plugins>
...
</broker>
</beans>For each user, add an authenticationUser element as shown, setting the
username, password, and groups attributes. In order
to authenticate a user successfully, the username/password credentials received from a
client must match the corresponding attributes in one of the authenticationUser
elements. The groups attribute assigns a user to one or more groups (formatted
as a comma-separated list). If authorization is enabled, the assigned groups are used to
check whether a user has permission to invoke certain operations. If authorization is not
enabled, the groups are ignored.
| |  | |
 |
