I am trying to disable security on ActiveMQ Artemis for testing purposes.
I am using the official Docker image from which I am starting a container with a volume mounted from my host to /var/lib/artemis-instance/etc-override/broker.xml
inside the container, containing the modified broker.xml
(which then has <security-enabled>false</security-enabled>
)
$ docker run --detach --name artemis -v /jms/docker/etc/broker.xml:/var/lib/artemis-instance/etc-override/broker.xml -p 61616:61616 -p 8161:8161 --rm apache/activemq-artemis:2.30.0
According to the documentation, any settings set within the etc-override/
should become the master (used for user customization). Somehow, I still have security enabled when I try to send a message to the broker:
Caused by: ActiveMQSecurityException[errorType=SECURITY_EXCEPTION message=AMQ229031: Unable to validate user from /172.17.0.1:57464. Username: null; SSL certificate subject DN: unavailable]
at org.apache.activemq.artemis.core.security.impl.SecurityStoreImpl.authenticationFailed(SecurityStoreImpl.java:378)
at org.apache.activemq.artemis.core.security.impl.SecurityStoreImpl.authenticate(SecurityStoreImpl.java:207)
at org.apache.activemq.artemis.core.server.impl.ActiveMQServerImpl.validateUser(ActiveMQServerImpl.java:1783)
at org.apache.activemq.artemis.core.protocol.openwire.OpenWireProtocolManager.validateUser(OpenWireProtocolManager.java:576)
at org.apache.activemq.artemis.core.protocol.openwire.OpenWireProtocolManager.validateUser(OpenWireProtocolManager.java:408)
What am I doing wrong here?
The problem is that you're attempting to override a single file, but that's not how it works. The documentation states:
You can use customized configuration for the ActiveMQ Artemis instance by replacing the files residing in the etc folder with the custom ones, e.g.
broker.xml
orartemis.profile
. Put the replacement files inside a folder and map it as a volume to:/var/lib/artemis-instance/etc-override
The contents of etc-override folder will be copied over to etc folder after the instance creation so that the broker will always start with user-supplied configuration.
Note that you need to put your replacement broker.xml
inside a folder and map it as a volume to /var/lib/artemis-instance/etc-override
, e.g.:
$ docker run --detach --name artemis -v /path/to/myconfig:/var/lib/artemis-instance/etc-override -p 61616:61616 -p 8161:8161 --rm apache/activemq-artemis:latest
The folder /path/to/myconfig
should contain your broker.xml
.
Also, I recommend you use the latest
image rather than 2.30.0
.