The Qpid Java Broker has a single reference source (PrincipalDatabase) that defines all the users in the system.

To add a new user to the system, add a new entry to the password file. How to add entries, and when those updates take effect, is described for each file format below.

Available Password file formats

There are currently two file formats available; which one is used depends on the PrincipalDatabase that is desired.

  • Plain
  • Base64MD5

Plain

The plain file has the following format:

...

Lines starting with a '#' are treated as comments.

Base64MD5

The Base64MD5 file uses the following format:

...

To create entries for the file, use the qpid-passwd tool, which generates the required lines. The plan is for this tool to eventually emulate the functionality of htpasswd for qpid passwd files.

Dynamic changes to password files

The Plain password file is re-read from disk on every login, so changes to the file take effect immediately on a running broker. However, the Base64MD5 format is read only once, at startup.

...

  1. You can replace the file and use the console to reload its contents.
  2. The management console provides an interface to create, delete and amend the users. These changes are written back to the active password file.

How password files and PrincipalDatabases relate to authentication mechanisms

For each type of password file, a PrincipalDatabase exists that parses its contents. Each PrincipalDatabase loads the SASL mechanisms it is able to support. For example, the Base64MD5 file format can't support Plain authentication, as the plain password is not available.

...