Add New Users
The Qpid Java Broker has a single reference source () that
defines all the users in the system.
To add a new user to the broker the password file must be
updated. The details about adding entries and when these updates
take effect are dependent on the file format each of which are
described below.
Dynamic
changes to password files.
The Plain password file and the Base64MD5 format file are both
only read once on start up.
To make changes dynamically there are two options, both require
administrator access via the Management Console (see )
You can replace the file and use the console to reload its
contents.
The management console provides an interface to create,
delete and amend the users. These changes are written back to the
active password file.
How password files and PrincipalDatabases relate to
authentication mechanisms
For each type of password file a PrincipalDatabase exists that
parses the contents. These PrincipalDatabases load various SASL
mechanism based on their supportability. e.g. the Base64MD5 file
format can't support Plain authentication as the plain password
is not available. Any client connecting need only be concerned
about the SASL module they support and not the type of
PrincipalDatabase. So I client that understands CRAM-MD5 will
work correctly with a Plain and Base64MD5 PrincipalDatabase.
File Format and Principal Database
FileFormat/PrincipalDatabase
SASL
Plain
AMQPLAIN PLAIN CRAM-MD5
Base64MD5
CRAM-MD5 CRAM-MD5-HASHED
For details of SASL support see