本文介绍了如何配置和使用ActiveMQ的内置Web控制台进行后台监控。通过在activemq.xml引入jetty.xml,启动Web控制台,然后在浏览器中访问127.0.0.1:8161以管理Broker。监控内容包括连接的机器、队列、主题和消息。文章提到了新旧两个管理平台,并简单提及了安全验证配置。
ActiveMQ提供了基于WEB的控制台,现在有两个版本。
监控的主要对象是连接的机器,队列,主题,消息。
1、在activemq.xml末尾引进内嵌的jetty.xml,用来启动web控制系统
<beans
xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://activemq.apache.org/schema/core
http://activemq.apache.org/schema/core/activemq-core.xsd">
...
<broker xmlns="http://activemq.apache.org/schema/core" brokerName="localhost" dataDirectory="${activemq.data}">
...
</broker>
<!--web 后台监控-->
<import resource="jetty.xml"/>
</beans>
2、在jetty.xml,由spring初始化运行内嵌式jetty容器
<bean id="Server" depends-on="jettyPort" class="org.eclipse.jetty.server.Server" init-method="start"
destroy-method="stop">
<property name="connectors">
<list>
<bean id="Connector" class="org.eclipse.jetty.server.nio.SelectChannelConnector">
<!-- see the jettyPort bean -->
<property name="port" value="#{systemProperties['jetty.port']}" />
</bean>
<!--
Enable this connector if you wish to use https with web console
-->
<!--开启之后,打开SSL功能
<bean id="SecureConnector" class="org.eclipse.jetty.server.ssl.SslSelectChannelConnector">
<property name="port" value="8162" />
<property name="keystore" value="file:${activemq.conf}/broker.ks" />
<property name="password" value="password" />
</bean>
-->
</list>
</property>
<property name="handler">
<bean id="handlers" class="org.eclipse.jetty.server.handler.HandlerCollection">
<property name="handlers">
<list>
<ref bean="rewrite"/>
<ref bean="contexts" />
<ref bean="securityHandler" />
</list>
</property>
</bean>
</property>
</bean>
2.1端口配置,depends-on="jettyPort" 引用
<bean id="jettyPort" class="org.apache.activemq.web.WebConsolePort" init-method="start">
<!-- the default port number for the web console -->
<property name="port" value="8161"/>
</bean>
2.2jetty所需的其他配置
<bean id="rewrite" class="org.eclipse.jetty.rewrite.handler.RewriteHandler">
<property name="rules">
<set>
<bean class="org.eclipse.jetty.rewrite.handler.RedirectRegexRule">
<property name="regex" value="/api/jolokia(.*)"/>
<property name="replacement" value="/hawtio/jolokia$1"/>
</bean>
</set>
</property>
</bean>
<bean id="contexts" class="org.eclipse.jetty.server.handler.ContextHandlerCollection">
</bean>
2.3 权限配置
<bean id="securityLoginService" class="org.eclipse.jetty.security.HashLoginService">
<property name="name" value="ActiveMQRealm" />
<property name="config" value="${activemq.conf}/jetty-realm.properties" />
</bean>
<bean id="securityConstraint" class="org.eclipse.jetty.util.security.Constraint">
<property name="name" value="BASIC" />
<property name="roles" value="user,admin" />
<!-- set authenticate=false to disable login -->
<property name="authenticate" value="true" />
</bean>
<bean id="adminSecurityConstraint" class="org.eclipse.jetty.util.security.Constraint">
<property name="name" value="BASIC" />
<property name="roles" value="admin" />
<!-- set authenticate=false to disable login -->
<property name="authenticate" value="true" />
</bean>
<bean id="securityConstraintMapping" class="org.eclipse.jetty.security.ConstraintMapping">
<property name="constraint" ref="securityConstraint" />
<property name="pathSpec" value="/admin/*,*.jsp" />
</bean>
<bean id="adminSecurityConstraintMapping" class="org.eclipse.jetty.security.ConstraintMapping">
<property name="constraint" ref="adminSecurityConstraint" />
<property name="pathSpec" value="*.action" />
</bean>
<bean id="securityHandler" class="org.eclipse.jetty.security.ConstraintSecurityHandler">
<property name="loginService" ref="securityLoginService" />
<property name="authenticator">
<bean class="org.eclipse.jetty.security.authentication.BasicAuthenticator" />
</property>
<property name="constraintMappings">
<list>
<ref bean="adminSecurityConstraintMapping" />
<ref bean="securityConstraintMapping" />
</list>
</property>
<property name="handler">
<bean id="sec" class="org.eclipse.jetty.server.handler.HandlerCollection">
<property name="handlers">
<list>
<bean class="org.eclipse.jetty.webapp.WebAppContext">
<property name="contextPath" value="/hawtio" />
<!--新的web管理平台--->
<property name="war" value="${activemq.home}/webapps/hawtio" />
<property name="logUrlOnStart" value="true" />
</bean>
<bean class="org.eclipse.jetty.webapp.WebAppContext">
<property name="contextPath" value="/admin" />
<!--老的web管理平台--->
<property name="resourceBase" value="${activemq.home}/webapps/admin" />
<property name="logUrlOnStart" value="true" />
</bean>
<bean class="org.eclipse.jetty.server.handler.ResourceHandler">
<property name="directoriesListed" value="false" />
<property name="welcomeFiles">
<list>
<value>index.html</value>
</list>
</property>
<!---自动加载webapps下面的资源-->
<property name="resourceBase" value="${activemq.home}/webapps/" />
</bean>
<bean id="defaultHandler" class="org.eclipse.jetty.server.handler.DefaultHandler">
<property name="serveIcon" value="false" />
</bean>
</list>
</property>
</bean>
</property>
</bean>
3、启动后,在浏览器中即可访问
http://127.0.0.1:8161/
包含三个项目:
(1)Manage ActiveMQ broker 新的管理平台
(2)Manage ActiveMQ broker using the old console 老的管理平台
(3)一些DEMO。
老的系统平台登录所需的配置文件
conf/jetty-realm.properties,只是基于BasicAuthenticator
# Defines users that can access the web (console, demo, etc.) # username: password [,rolename ...] admin: admin, admin
新的系统所需的平台配置,基于
conf/login.config
activemq {
org.apache.activemq.jaas.PropertiesLoginModule required
org.apache.activemq.jaas.properties.user="users.properties"
org.apache.activemq.jaas.properties.group="groups.properties";
};
conf/users.properties
admin=admin
conf/groups.properties
admins=admin
4、安全校验原理,待续
太匆忙了,先写到这。。。
扫一扫
172万+
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
