Controlling Access with ACL

After ACL is enabled for an instance, user authentication information must be added to both the producer and consumer configurations.

Preparing the Environment

You can connect open-source Java clients to DMS for RocketMQ. The recommended Java client version is 4.9.8.

Use either of the following methods to import a dependency:

Using Maven

<dependency>
    <groupId>org.apache.rocketmq</groupId>
    <artifactId>rocketmq-client</artifactId>
    <version>4.9.8</version>
</dependency>

<dependency>
    <groupId>org.apache.rocketmq</groupId>
    <artifactId>rocketmq-acl</artifactId>
    <version>4.9.8</version>
</dependency>

Downloading the dependency.

Adding User Authentication Information to the Producer

Add the rpcHook parameter during producer initialization.

For normal, ordered, and scheduled messages, add the following code:

RPCHook rpcHook = new AclClientRPCHook(new SessionCredentials("ACL_ACCESS_KEY", "ACL_SECRET_KEY"));
DefaultMQProducer producer = new DefaultMQProducer("ProducerGroupName", rpcHook);

For transactional messages, add the following code:

RPCHook rpcHook = new AclClientRPCHook(new SessionCredentials("ACL_ACCESS_KEY", "ACL_SECRET_KEY"));
TransactionMQProducer producer = new TransactionMQProducer("ProducerGroupName", rpcHook);

ACL_ACCESS_KEY indicates the username, and ACL_SECRET_KEY indicates the user secret key. For details about how to create a user, see Creating a User. Encrypt the username and key for security.

Adding User Authentication Information to the Consumer

Add the rpcHook parameter during consumer initialization. Add the following code for normal, ordered, scheduled, and transactional messages:

RPCHook rpcHook = new AclClientRPCHook(new SessionCredentials("ACL_ACCESS_KEY", "ACL_SECRET_KEY"));
DefaultMQPushConsumer consumer = new DefaultMQPushConsumer(null, "ConsumerGroupName", rpcHook);

Parent topic: Java (TCP)

Previous topic: Delivering Scheduled Messages

Next topic: Controlling Traffic on Consumers