-
1. Re: Jboss MQ + jaas
j2ee_junkie May 26, 2006 2:06 PM (in response to dromanyuk)JGuard works by adding their net.sf.jguard.filters.AccessFilter version of a javax.servlet.Filter to your web application. As such it is separate from container managed security. Do you see the difference?
cgriffith -
2. Re: Jboss MQ + jaas
dromanyuk May 26, 2006 2:12 PM (in response to dromanyuk)Yes, I can see the difference...
I even understand that it sounds stupid :)
But the point is...
When I comment out jGuar's "filter" and "filter-mapping" from my web.xml, I have my MDB working well. -
3. Re: Jboss MQ + jaas
j2ee_junkie May 26, 2006 3:34 PM (in response to dromanyuk)Give details on the security config of your MDB.
-
4. Re: Jboss MQ + jaas
dromanyuk May 27, 2006 4:48 AM (in response to dromanyuk)Settings for "queue/A" and "QueueConnectionFactory" are default settings coming with jboss 4.0.3
******* jboss.xml *******
<enterprise-beans>
<message-driven>
<ejb-name>ReplicationMDBBean</ejb-name>
<destination-jndi-name>queue/A</destination-jndi-name>
</message-driven>
</enterprise-beans>
************** ejb-jar.xml***************
<?xml version = '1.0' encoding = 'windows-1251'?>
<!DOCTYPE ejb-jar PUBLIC "-//Sun Microsystems, Inc.//DTD Enterprise JavaBeans 2.0//EN" "http://java.sun.com/dtd/ejb-jar_2_0.dtd">
<ejb-jar>
<enterprise-beans>
<message-driven>
Message Driven Bean
<display-name>ReplicationMDBBean</display-name>
<ejb-name>ReplicationMDBBean</ejb-name>
<ejb-class>mypackage.ReplicationMDBBean</ejb-class>
<transaction-type>Container</transaction-type>
<acknowledge-mode>Auto-acknowledge</acknowledge-mode>
<message-driven-destination>
<destination-type>javax.jms.Queue</destination-type>
<subscription-durability>NonDurable</subscription-durability>
</message-driven-destination>
</message-driven>
</enterprise-beans>
<assembly-descriptor/>
</ejb-jar>
************* message publishing ************
Hashtable env = new Hashtable();
env.put(Context.INITIAL_CONTEXT_FACTORY, "org.jnp.interfaces.NamingContextFactory"
env.put(Context.PROVIDER_URL, "localhost" );
env.put(Context.URL_PKG_PREFIXES, "org.jboss.naming:org.jnp.interfaces" );
InitialContext ctx = new InitialContext(env);
queueFactory = (QueueConnectionFactory)ctx.lookup( "QueueConnectionFactory");
queueConnection = queueFactory.createQueueConnection();
// *** THIS LINE PRODUCES AN EXCEPTION WITH JGuard0.70 TURNED ON ***
queueSession = queueConnection.createQueueSession(false, Session.AUTO_ACKNOWLEDGE);
queueConnection.start();
dest = (Queue)ctx.lookup("queue/A");
prod = queueSession.createProducer(dest);
ObjectMessage objectJmsMsg = queueSession.createObjectMessage();
objectJmsMsg.setObject(message);
prod.send(objectJmsMsg);
****** MDBean code**********
/**
* The MDB EJB for handling queue JMS messages.
*/
package mypackage.client;
import mypackage.UploadMessage;
import java.io.Serializable;
import javax.ejb.*;
import javax.jms.*;
import javax.naming.*;
/**
* @version $Revision: 1.3 $
*/
public class ReplicationMDBBean implements MessageDrivenBean, MessageListener {
private MessageDrivenContext _context;
private QueueConnection connection;
private QueueSession session;
//Logger log = null;
/**
* When MDB is being created this method will be called.
* The Log4J and JMS queue connection will be established.
*/
public void ejbCreate()
{
System.out.println( "In EJB create.." );
try {
System.out.println( "The EJB has been created" );
this.setupPTP();
}
catch(Exception e) {
System.out.println( "Failed to create MDB " + e.getStackTrace().toString() );
throw new EJBException("Failed to create MDB ", e);
}
}
public void setMessageDrivenContext(MessageDrivenContext context) throws EJBException {
_context = context;
}
/**
* When MDB destroying the following method is calling.
* The JMS queue connection is destroyed as well
* @throws EJBException
*/
public void ejbRemove() throws EJBException
{
_context = null;
try {
if( session != null )
session.close();
if( connection != null )
connection.close();
System.out.println("MDB been has been destroyed.");
}
catch(Exception e) {
System.out.println("Failed to destroy MDB "+ e);
throw new EJBException("Failed to destroy MDB ", e);
}
}
/**
* this method is being called when JMS message will be obtained
* after message is being retrieved from queue the data replication
* is being perforemd
* @param message
*/
public void onMessage(Message message)
{
UploadMessage uploadMessage = null;
System.out.println("The message has been recieved by MDB.");
if( message instanceof ObjectMessage )
try {
ObjectMessage obj = (ObjectMessage)message;
Serializable ser = obj.getObject();
uploadMessage = (UploadMessage)ser;
System.out.println( "Message"+uploadMessage );
}
catch(JMSException e) {
System.out.println("The Object message can not be obtained. "+ e);
throw new EJBException("The Object message can not be obtained. ", e);
}
}
/**
* setup connection with JMS queue and create connection session
* @throws JMSException
* @throws NamingException
*/
private void setupPTP() throws JMSException, NamingException
{
InitialContext iniCtx = new InitialContext();
Object tmp = iniCtx.lookup("QueueConnectionFactory");
QueueConnectionFactory qcf = (QueueConnectionFactory) tmp;
connection = qcf.createQueueConnection();
session = connection.createQueueSession(false, QueueSession.AUTO_ACKNOWLEDGE);
connection.start();
System.out.println("The JMS queue connection has been established.");
}
} -
5. Re: Jboss MQ + jaas
dromanyuk May 30, 2006 10:16 AM (in response to dromanyuk)I have tried a lot of things to fix this issue....
And what I discovered is the following...
Even the simpliest thing jGuardExample.war kills any embedded jboss security...
For example, jmx-console, it can be set-up to allow only "admin"-users via standard http auth...
And if we copy jGuardExample.war to deploy directory, then try to enter jmx-console, we can see login/password dialog window, but correct login/password pair is NOT accepted...
So... looks like the problem is not with EJB, it's something more basic... Looks like jGuard destroys any jBoss security ...