JMS user authentication error (remote) with createConnnectio
josey May 16, 2006 2:16 PMI using a JBossMQ JMS server running in jboss-4.0.4.CR2. My MDBs deploy and consume messages fine and I have no problem producing messages locally (e.g., I can produce messages using a standalone client application running in another JVM on the same machine as the application server).
When I try to connect to the JMS server remotely to produce messages I get an exception when trying to create a connection (e.g., Server A is running jboss with JBossMQ; Server B tries to get a JMS Connection and receives an error: Cannot authenticate user
The error occurs while executing this line:
factory.createConnection("guest", "guest");
I have included my login-conf.xml and jbossmq-service.xml below.
Question: Do I need to use a LoginContext when getting the InitialContext for the JNDI lookups?
Question: Is there anything else I am missing?
Here is how I get my InitialContext (which gets me the ConnectionFactory with no error):
Hashtable env = new Hashtable(); env.put(Context.SECURITY_PRINCIPAL, "guest"); env.put(Context.SECURITY_CREDENTIALS, "guest"); env.put(Context.INITIAL_CONTEXT_FACTORY, "org.jnp.interfaces.NamingContextFactory"); env.put(Context.PROVIDER_URL, "jnp://111.11.222.111"); //note: bogus ip address env.put(Context.URL_PKG_PREFIXES, "org.jboss.naming:org.jnp.interfaces" ); InitialContext ctx = new InitialContext(env);
From jbossmq-service.xml:
<mbean code="org.jboss.mq.security.SecurityManager" name="jboss.mq:service=SecurityManager"> <attribute name="DefaultSecurityConfig"> <security> <role name="guest" read="true" write="true" create="true"/> </security> </attribute> <attribute name="SecurityDomain">java:/jaas/jbossmq</attribute> <depends optional-attribute-name="NextInterceptor">jboss.mq:service=DestinationManager</depends> </mbean>
From login-conf.xml
<!-- Security domain for JBossMQ --> <application-policy name = "jbossmq"> <authentication> <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule" flag = "required"> <module-option name = "unauthenticatedIdentity">guest</module-option> <module-option name = "dsJndiName">java:/DefaultDS</module-option> <module-option name = "principalsQuery">SELECT PASSWD FROM JMS_USERS WHERE USERID=?</module-option> <module-option name = "rolesQuery">SELECT ROLEID, 'Roles' FROM JMS_ROLES WHERE USERID=?</module-option> </login-module> </authentication> </application-policy>
Also, my DefaultDS has the correct userid, password and roleid defined for "guest".