0 Replies Latest reply on May 16, 2006 2:16 PM by josey

    JMS user authentication error (remote) with createConnnectio

      I using a JBossMQ JMS server running in jboss-4.0.4.CR2. My MDBs deploy and consume messages fine and I have no problem producing messages locally (e.g., I can produce messages using a standalone client application running in another JVM on the same machine as the application server).

      When I try to connect to the JMS server remotely to produce messages I get an exception when trying to create a connection (e.g., Server A is running jboss with JBossMQ; Server B tries to get a JMS Connection and receives an error: Cannot authenticate user

      The error occurs while executing this line:

      factory.createConnection("guest", "guest");

      I have included my login-conf.xml and jbossmq-service.xml below.

      Question: Do I need to use a LoginContext when getting the InitialContext for the JNDI lookups?

      Question: Is there anything else I am missing?

      Here is how I get my InitialContext (which gets me the ConnectionFactory with no error):
       Hashtable env = new Hashtable();
       env.put(Context.SECURITY_PRINCIPAL, "guest");
       env.put(Context.SECURITY_CREDENTIALS, "guest");
       env.put(Context.INITIAL_CONTEXT_FACTORY, "org.jnp.interfaces.NamingContextFactory");
       env.put(Context.PROVIDER_URL, "jnp://"); //note: bogus ip address
       env.put(Context.URL_PKG_PREFIXES, "org.jboss.naming:org.jnp.interfaces" );
       InitialContext ctx = new InitialContext(env);

      From jbossmq-service.xml:
       <mbean code="org.jboss.mq.security.SecurityManager" name="jboss.mq:service=SecurityManager">
       <attribute name="DefaultSecurityConfig">
       <role name="guest" read="true" write="true" create="true"/>
       <attribute name="SecurityDomain">java:/jaas/jbossmq</attribute>
       <depends optional-attribute-name="NextInterceptor">jboss.mq:service=DestinationManager</depends>

      From login-conf.xml
       <!-- Security domain for JBossMQ -->
       <application-policy name = "jbossmq">
       <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule"
       flag = "required">
       <module-option name = "unauthenticatedIdentity">guest</module-option>
       <module-option name = "dsJndiName">java:/DefaultDS</module-option>
       <module-option name = "principalsQuery">SELECT PASSWD FROM JMS_USERS WHERE USERID=?</module-option>
       <module-option name = "rolesQuery">SELECT ROLEID, 'Roles' FROM JMS_ROLES WHERE USERID=?</module-option>

      Also, my DefaultDS has the correct userid, password and roleid defined for "guest".