在broker.conf 添加acl 验证
aclEnable=true
编辑plain_acl.yml 添加账号密码
globalWhiteRemoteAddresses: // 设置IP白名单
- 10.10.103.*
- 192.168.0.*
accounts: // 配置用户信息
- accessKey: RocketMQ //账号
secretKey: 12345678 //密码
whiteRemoteAddress: // 用户级别的IP地址白名单
admin: true // 当为 true 可以删除以下所有的配置
defaultTopicPerm: DENY // DENY拒绝、SUB 订阅权限、PUB 发送权限
defaultGroupPerm: SUB
topicPerms:
- topicA=DENY
- topicB=PUB|SUB
- topicC=SUB
groupPerms:
- groupA=DENY
- groupB=PUB|SUB
- groupC=SUB
- accessKey: RocketMQ2 //账号
secretKey: 12345678 //密码
whiteRemoteAddress: // 用户级别的IP地址白名单
admin: false // 当为 true 可以删除以下所有的配置
defaultTopicPerm: DENY // DENY拒绝、SUB 订阅权限、PUB 发送权限
defaultGroupPerm: SUB
topicPerms:
- topicA=DENY
- topicB=PUB|SUB
- topicC=SUB
groupPerms:
- groupA=DENY
- groupB=PUB|SUB
- groupC=SUB
重启broker
pox.xml 添加依赖
<dependency>
<groupId>org.apache.rocketmq</groupId>
<artifactId>rocketmq-client</artifactId>
<version>4.9.4</version>
</dependency>
<dependency>
<groupId>org.apache.rocketmq</groupId>
<artifactId>rocketmq-acl</artifactId>
<version>4.9.4</version>
</dependency>
生产者和消费者都要加上访问控制权限
AclClientRPCHook auth = new AclClientRPCHook(new SessionCredentials("RocketMQ", "12345678"));
DefaultMQPushConsumer consumer = new DefaultMQPushConsumer("please_rename_unique_group_name", auth,
new AllocateMessageQueueAveragely());
AclClientRPCHook auth = new AclClientRPCHook(new SessionCredentials("chenshan", "3.1415926"));
DefaultMQProducer producer = new DefaultMQProducer("please_rename_unique_group_name", auth);
如果开启了ACL验证未添加验证则:
at java.lang.Thread.run(Unknown Source)
Caused by: org.apache.rocketmq.client.exception.MQBrokerException: CODE: 1 DESC: org.apache.rocketmq.acl.common.AclException: No accessKey is configured, org.apache.rocketmq.acl.plain.PlainPermissionManager.validate(PlainPermissionManager.java:663) BROKER: 114.55.95.161:10911
For more information, please visit the url, http:
