9 Replies Latest reply on Aug 19, 2002 3:40 AM by pra

JMS Security Question

davidsills Aug 9, 2002 7:07 AM

I'm trying to deploy the message-driven bean in Richard Monson-Haefel's Enterprise JavaBeans (3rd ed.), Chapter 13. I'm using the JBoss workbook (still in beta, and missing much). I'm doing all this on JBoss 3.0.0, using MySql, on Windows XP.

I've managed all the EJB configuration, but am stumped by the following stacktrace, which seems to occur at just the first point that the MDB actually creates a QueueSession to the Reply-To that has been serialized and sent by the client:

QueueSession session = connect.createQueueSession (false,0);

I understand that the parameter values here are supposed to be ignored by the container, and also tried the recommended (true, 0) without any difference.

What's confusing is that I don't have a security manager set for this queue, and yet one seems to be being called. Undoubtedly there's just something I don't yet understand. Here's the configuration information:

<depends optional-attribute-name="DestinationManager">jboss.mq:service=DestinationManager

I'm just exploring JMS for the first time, and I'd like to hope that I can get this working with a little help from this forum. Thanks!

05:20:17,451 WARN [LogInterceptor] Unexpected Error
java.lang.ClassCircularityError: java/lang/Comparable
at org.jboss.security.plugins.JaasSecurityManager.validateCache(JaasSecurityManager.java:406)
at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:213)
at org.jboss.mq.security.SecurityManager.authenticate(SecurityManager.java:157)
at org.jboss.mq.security.ServerSecurityInterceptor.authenticate(ServerSecurityInterceptor.java:40)
at org.jboss.mq.server.TracingInterceptor.authenticate(TracingInterceptor.java:575)
at org.jboss.mq.server.JMSServerInvoker.authenticate(JMSServerInvoker.java:288)
at org.jboss.mq.il.jvm.JVMServerIL.authenticate(JVMServerIL.java:302)
at org.jboss.mq.Connection.authenticate(Connection.java:759)
at org.jboss.mq.Connection.(Connection.java:233)
at org.jboss.mq.SpyConnection.(SpyConnection.java:48)
at org.jboss.mq.SpyXAConnection.(SpyXAConnection.java:38)
at org.jboss.mq.SpyXAConnectionFactory.createXAQueueConnection(SpyXAConnectionFactory.java:111)
at org.jboss.jms.ConnectionFactoryHelper.createQueueConnection(ConnectionFactoryHelper.java:67)
at org.jboss.resource.adapter.jms.JmsManagedConnection.setup(JmsManagedConnection.java:598)
at org.jboss.resource.adapter.jms.JmsManagedConnection.(JmsManagedConnection.java:164)
at org.jboss.resource.adapter.jms.JmsManagedConnectionFactory.createManagedConnection(JmsManagedConnectionFactory.java:96)
at org.jboss.resource.connectionmanager.InternalManagedConnectionPool.createConnection(InternalManagedConnectionPool.java:236)
at org.jboss.resource.connectionmanager.InternalManagedConnectionPool.getConnection(InternalManagedConnectionPool.java:101)
at org.jboss.resource.connectionmanager.JBossManagedConnectionPool$BasePool.getConnection(JBossManagedConnectionPool.java:312)
at org.jboss.resource.connectionmanager.BaseConnectionManager2.getManagedConnection(BaseConnectionManager2.java:467)
at org.jboss.resource.connectionmanager.BaseConnectionManager2.allocateConnection(BaseConnectionManager2.java:532)
at org.jboss.resource.connectionmanager.BaseConnectionManager2$ConnectionManagerProxy.allocateConnection(BaseConnectionManager2.java:812)
at org.jboss.resource.adapter.jms.JmsSessionFactoryImpl.createQueueSession(JmsSessionFactoryImpl.java:117)
at com.titan.reservationprocessor.ReservationProcessorBean.deliverTicket(ReservationProcessorBean.java:130)
at com.titan.reservationprocessor.ReservationProcessorBean.onMessage(ReservationProcessorBean.java:109)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at org.jboss.ejb.MessageDrivenContainer$ContainerInterceptor.invoke(MessageDrivenContainer.java:391)
at org.jboss.resource.connectionmanager.CachedConnectionInterceptor.invoke(CachedConnectionInterceptor.java:186)
at org.jboss.ejb.plugins.MessageDrivenInstanceInterceptor.invoke(MessageDrivenInstanceInterceptor.java:88)
at org.jboss.ejb.plugins.AbstractTxInterceptor.invokeNext(AbstractTxInterceptor.java:96)
at org.jboss.ejb.plugins.TxInterceptorCMT.runWithTransactions(TxInterceptorCMT.java:142)
at org.jboss.ejb.plugins.TxInterceptorCMT.invoke(TxInterceptorCMT.java:61)
at org.jboss.ejb.plugins.RunAsSecurityInterceptor.invoke(RunAsSecurityInterceptor.java:100)
at org.jboss.ejb.plugins.LogInterceptor.invoke(LogInterceptor.java:166)
at org.jboss.ejb.MessageDrivenContainer.invoke(MessageDrivenContainer.java:302)
at org.jboss.ejb.plugins.jms.JMSContainerInvoker.invoke(JMSContainerInvoker.java:625)
at org.jboss.ejb.plugins.jms.JMSContainerInvoker$MessageListenerImpl.onMessage(JMSContainerInvoker.java:973)
at org.jboss.jms.asf.StdServerSession.onMessage(StdServerSession.java:234)
at org.jboss.mq.SpyMessageConsumer.sessionConsumerProcessMessage(SpyMessageConsumer.java:561)
at org.jboss.mq.SpyMessageConsumer.addMessage(SpyMessageConsumer.java:377)
at org.jboss.mq.SpySession.run(SpySession.java:252)
at org.jboss.jms.asf.StdServerSession.run(StdServerSession.java:173)
at EDU.oswego.cs.dl.util.concurrent.PooledExecutor$Worker.run(PooledExecutor.java:642)
at java.lang.Thread.run(Thread.java:536)

1. Re: JMS Security Question

pra Aug 9, 2002 8:37 AM (in response to davidsills)

Take a look at https://sourceforge.net/tracker/?func=detail&aid=526622&group_id=22866&atid=381174

To remove security you have to change the setup of JBossMQ, not just a destination. I wrote about it in a post a couple of days ago.

//Peter

From changenote:
- All connections are checked for autentication. To
setup a non secured environment requires to remove the
security adapter configurations.

- All access to destinations are checked for
authorization. This is based on a simple role based ACL
list where a particular role may have read (subscribe,
receive, browse), write (publish,send) or create
(durable sub) rights. Every destination have its own
configured security configuration. If non is available,
the default role guest with read and write rights are
used. To create a destination with no access rights
(what use is that?) an empty configuration must be
used.
Actions
2. Re: JMS Security Question

davidsills Aug 14, 2002 12:21 AM (in response to davidsills)

Dear PRA:

I hope you're still out there. I've been tearing my hair out for days. I'm running short of other places to go, and I obviously haven't understood how JBoss security works. I keep putting in more users and roles in different places, and still I can't connect my internal message-driven beans to the Queue I'm trying to use to send messages to a client. God knows what will happen when I finally get the messages to the queue and then we turn to what the client needs.

Can you give me some more information about where to read further? I've tried the Quick-Start document, where I only find security examples for entity and session beans, which have security contexts that are quite simple to understand. I've read through several other books to find out what I can. I have, after all, bought every piece of documentation JBoss has to offer, several of them twice.

I seem to see that in my MDB I have to create a connection thus:

QueueConnection connect = factory.createQueueConnection ("internalProducer", "ip_password");

I think I see that I have to configure

<depends optional-attribute-name="DestinationManager">jboss.mq:service=DestinationManager

(I'm trying to use "internalProducer" as the username for the internal MDB that will post finished tickets to the titan-TicketQueue, where they'll be picked up by "ticketClient.")

But I can't see how to configure JBoss so that it can know how to get the usernames and passwords for "internalProducer" and "ticketClient." I've tried most everything, but the documentation seems completely opaque to me (though I'm sure that once I understand I'll go back and say, "but of course!"). I haven't changed the default JBoss 3.0.0 security configuration files, however, in so far as I've been able to understand what they are.

Can you or can someone else help?
Actions
3. Re: JMS Security Question

davidsills Aug 14, 2002 12:25 AM (in response to davidsills)

Dear Peter:

Thanks for your reply, and I hope you're still out there. I've been tearing my hair out for days. I'm running short of other places to go, and I obviously haven't understood how JBoss security works. I keep putting in more users and roles in different places, and still I can't connect my internal message-driven beans to the Queue I'm trying to use to send messages to a client. God knows what will happen when I finally get the messages to the queue and then we turn to what the client needs.

Can you give me some more information about where to read further? I've tried the Quick-Start document, where I only find security examples for entity and session beans, which have security contexts that are quite simple to understand. I've read through several other books to find out what I can. I have, after all, bought every piece of documentation JBoss has to offer, several of them twice.

I seem to see that in my MDB I have to create a connection thus:

QueueConnection connect = factory.createQueueConnection ("internalProducer", "ip_password");

I think I see that I have to configure

<depends optional-attribute-name="DestinationManager">jboss.mq:service=DestinationManager

(I'm trying to use "internalProducer" as the username for the internal MDB that will post finished tickets to the titan-TicketQueue, where they'll be picked up by "ticketClient.")

But I can't see how to configure JBoss so that it can know how to get the usernames and passwords for "internalProducer" and "ticketClient." I've tried most everything, but the documentation seems completely opaque to me (though I'm sure that once I understand I'll go back and say, "but of course!"). I haven't changed the default JBoss 3.0.0 security configuration files, however, in so far as I've been able to understand what they are.

Can you or can someone else help?

David
Actions
4. Re: JMS Security Question

pra Aug 14, 2002 4:21 AM (in response to davidsills)

Say you set up your jbossmq-state.xml file like this:

jbossmq-state.xml:

guest
guest

john
needle
DurableSubscriberExample

bert
topsecret

guest
john

john

john
bert

What you have here is three users, guest, john and bert. These are the users you may login as, for example

QueueConnection connect = factory.createQueueConnection ("bert", "topsecret");

There are also a number of roles, to wich a user may belong. The security scheme in JBoss is rolebased. So the thing you specify in your destination configuration is the roles adn not the users.

<depends optional-attribute-name="DestinationManager">jboss.mq:service=DestinationManager

The above configuration says that when a user tries to subsribe to the queue, it will be checked if the user really belong to the role ticketClient, which only john does here. When trying to send messages to the destination it will be checked if the user belongs to the internalProducer role, which both john and bert does in the above configuration.

//Peter
Actions
5. Re: JMS Security Question

davidsills Aug 14, 2002 9:08 AM (in response to davidsills)

Peter:

Thanks. I don't feel quite so stupid now. I did try doing exactly this (sort of fell over it and it seemed like it should work), or at least I thought I had. I still got Exceptions that indicated that the system was not finding password information. I assumed that somehow I had put the information into the wrong file, or that the security configuration that was being applied didn't actually read that file. I haven't time enough this morning before work to try again and to forward all results, but I will try once more very carefully and see what happens.

Thanks again for your help. It is much appreciated.
Actions
6. Re: JMS Security Question

davidsills Aug 14, 2002 11:40 PM (in response to davidsills)

Dear Peter:

This is what I tried. Obviously it must have been different from what you suggested, but I don't see how yet. If you can elucidate, I will be most grateful.

jbossmq-state.xml:

internalTicketProducer
itp_password

externalTicketConsumer
etc_password

externalReservationProducer
erp_password

internalTicketProducer

externalTicketConsumer

externalReservationProducer

jbossmq-titanqueues-service.xml:

<depends optional-attribute-name="DestinationManager">jboss.mq:service=DestinationManager

JmsClient_TicketConsumer.java:

Context jndiContext = getInitialContext ();
QueueConnectionFactory factory = (QueueConnectionFactory) jndiContext.lookup ("ConnectionFactory");
Queue ticketQueue = (Queue) jndiContext.lookup ("queue/titan-TicketQueue");
QueueConnection connect = factory.createQueueConnection ("externalTicketConsumer", "etc_password");
QueueSession session = connect.createQueueSession (false,Session.AUTO_ACKNOWLEDGE);
QueueReceiver receiver = session.createReceiver (ticketQueue);
receiver.setMessageListener (this);
connect.start ();

The exception when I try to run the class:

22:38:19,531 WARN [SecurityManager] No SecurityMetadadata was available for titan-ReservationQueue adding default security conf
22:38:32,660 WARN [SecurityManager] No SecurityMetadadata was available for titan-TicketQueue adding default security conf
22:38:32,670 WARN [OILServerILService] Client request resulted in a server exception:
javax.jms.JMSSecurityException: Connection not authorized to subscribe to destination: titan-TicketQueue
at org.jboss.mq.security.ServerSecurityInterceptor.subscribe(ServerSecurityInterceptor.java:141)
at org.jboss.mq.server.TracingInterceptor.subscribe(TracingInterceptor.java:599)
at org.jboss.mq.server.JMSServerInvoker.subscribe(JMSServerInvoker.java:298)
at org.jboss.mq.il.oil.OILServerILService$Client.run(OILServerILService.java:287)
at java.lang.Thread.run(Thread.java:536)
22:38:32,940 WARN [OILServerILService] Connection failure (1).
java.net.SocketException: Connection reset by peer: JVM_recv in socket input stream read
at java.net.SocketInputStream.socketRead0(Native Method)
at java.net.SocketInputStream.read(SocketInputStream.java:116)
at java.io.BufferedInputStream.fill(BufferedInputStream.java:183)
at java.io.BufferedInputStream.read(BufferedInputStream.java:201)
at java.io.ObjectInputStream$PeekInputStream.peek(ObjectInputStream.java:2118)
at java.io.ObjectInputStream$BlockDataInputStream.readBlockHeader(ObjectInputStream.java:2301)
at java.io.ObjectInputStream$BlockDataInputStream.refill(ObjectInputStream.java:2368)
at java.io.ObjectInputStream$BlockDataInputStream.read(ObjectInputStream.java:2440)
at java.io.ObjectInputStream$BlockDataInputStream.readByte(ObjectInputStream.java:2589)
at java.io.ObjectInputStream.readByte(ObjectInputStream.java:837)
at org.jboss.mq.il.oil.OILServerILService$Client.run(OILServerILService.java:190)
at java.lang.Thread.run(Thread.java:536)

I take it that the SocketException is secondary, but I don't understand what I did wrong so that the connection couldn't be made. Perhaps the error will be suggestive? Or perhaps there's another piece I need?

Thanks for taking a look at this. I appreciate your efforts.

David
Actions
7. Re: JMS Security Question

pra Aug 16, 2002 4:19 AM (in response to davidsills)

Your trouble now is that your destination is not configured correct: Heres a correct one:

<depends optional-attribute-name="DestinationManager">jboss.mq:service=DestinationManager
<depends optional-attribute-name="SecurityManager">jboss.mq:service=SecurityManager

Yours is missing the SecurityManager part.

//Peter
Actions
8. Re: JMS Security Question

davidsills Aug 17, 2002 10:41 PM (in response to davidsills)

Peter:

Thanks very much for the help. I reconfigured the security as you suggested, and at least I don't get the warnings. But now something else peculiar has popped up. The stack trace:

21:34:34,645 WARN [JMSContainerInvoker] JMS provider failure detected:
javax.jms.JMSSecurityException: Connection not authorized to subscribe to destination: titan-ReservationQueue
at org.jboss.mq.security.ServerSecurityInterceptor.subscribe(ServerSecurityInterceptor.java:141)
at org.jboss.mq.server.TracingInterceptor.subscribe(TracingInterceptor.java:599)
at org.jboss.mq.server.JMSServerInvoker.subscribe(JMSServerInvoker.java:298)
at org.jboss.mq.il.jvm.JVMServerIL.subscribe(JVMServerIL.java:315)
at org.jboss.mq.Connection.addConsumer(Connection.java:962)
at org.jboss.mq.SpyConnectionConsumer.(SpyConnectionConsumer.java:73)
at org.jboss.mq.SpyConnection.createConnectionConsumer(SpyConnection.java:113)
at org.jboss.ejb.plugins.jms.JMSContainerInvoker.innerCreate(JMSContainerInvoker.java:584)
at org.jboss.ejb.plugins.jms.JMSContainerInvoker.create(JMSContainerInvoker.java:415)
at org.jboss.ejb.MessageDrivenContainer.create(MessageDrivenContainer.java:170)
at org.jboss.ejb.Container.invoke(Container.java:789)
at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:491)
at org.jboss.system.ServiceController$ServiceProxy.invoke(ServiceController.java:894)
at $Proxy6.create(Unknown Source)
at org.jboss.system.ServiceController.create(ServiceController.java:272)
at sun.reflect.GeneratedMethodAccessor25.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at org.jboss.mx.capability.ReflectedMBeanDispatcher.invoke(ReflectedMBeanDispatcher.java:284)
at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:491)
at org.jboss.util.jmx.MBeanProxy.invoke(MBeanProxy.java:174)
at $Proxy19.create(Unknown Source)
at org.jboss.ejb.EjbModule.createService(EjbModule.java:392)
at org.jboss.system.ServiceMBeanSupport.create(ServiceMBeanSupport.java:134)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at org.jboss.mx.capability.ReflectedMBeanDispatcher.invoke(ReflectedMBeanDispatcher.java:284)
at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:491)
at org.jboss.system.ServiceController$ServiceProxy.invoke(ServiceController.java:894)
at $Proxy6.create(Unknown Source)
at org.jboss.system.ServiceController.create(ServiceController.java:272)
at org.jboss.system.ServiceController.create(ServiceController.java:212)
at sun.reflect.GeneratedMethodAccessor3.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at org.jboss.mx.capability.ReflectedMBeanDispatcher.invoke(ReflectedMBeanDispatcher.java:284)
at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:491)
at org.jboss.util.jmx.MBeanProxy.invoke(MBeanProxy.java:174)
at $Proxy5.create(Unknown Source)
at org.jboss.ejb.EJBDeployer.create(EJBDeployer.java:380)
at org.jboss.deployment.MainDeployer.create(MainDeployer.java:637)
at org.jboss.deployment.MainDeployer.deploy(MainDeployer.java:512)
at org.jboss.deployment.MainDeployer.deploy(MainDeployer.java:481)
at sun.reflect.GeneratedMethodAccessor8.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at org.jboss.mx.capability.ReflectedMBeanDispatcher.invoke(ReflectedMBeanDispatcher.java:284)
at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:491)
at org.jboss.util.jmx.MBeanProxy.invoke(MBeanProxy.java:174)
at $Proxy4.deploy(Unknown Source)
at org.jboss.deployment.scanner.URLDeploymentScanner.deploy(URLDeploymentScanner.java:405)
at org.jboss.deployment.scanner.URLDeploymentScanner.scanDirectory(URLDeploymentScanner.java:586)
at org.jboss.deployment.scanner.URLDeploymentScanner.scan(URLDeploymentScanner.java:465)
at org.jboss.deployment.scanner.AbstractDeploymentScanner.startService(AbstractDeploymentScanner.java:237)
at org.jboss.system.ServiceMBeanSupport.start(ServiceMBeanSupport.java:162)
at sun.reflect.GeneratedMethodAccessor6.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at org.jboss.mx.capability.ReflectedMBeanDispatcher.invoke(ReflectedMBeanDispatcher.java:284)
at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:491)
at org.jboss.system.ServiceController$ServiceProxy.invoke(ServiceController.java:894)
at $Proxy0.start(Unknown Source)
at org.jboss.system.ServiceController.start(ServiceController.java:340)
at sun.reflect.GeneratedMethodAccessor5.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at org.jboss.mx.capability.ReflectedMBeanDispatcher.invoke(ReflectedMBeanDispatcher.java:284)
at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:491)
at org.jboss.util.jmx.MBeanProxy.invoke(MBeanProxy.java:174)
at $Proxy3.start(Unknown Source)
at org.jboss.deployment.SARDeployer.start(SARDeployer.java:243)
at org.jboss.deployment.MainDeployer.start(MainDeployer.java:678)
at org.jboss.deployment.MainDeployer.deploy(MainDeployer.java:513)
at org.jboss.deployment.MainDeployer.deploy(MainDeployer.java:481)
at org.jboss.deployment.MainDeployer.deploy(MainDeployer.java:465)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at org.jboss.mx.capability.ReflectedMBeanDispatcher.invoke(ReflectedMBeanDispatcher.java:284)
at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:491)
at org.jboss.system.server.ServerImpl.doStart(ServerImpl.java:314)
at org.jboss.system.server.ServerImpl.start(ServerImpl.java:216)
at org.jboss.Main.boot(Main.java:142)
at org.jboss.Main$1.run(Main.java:375)
at java.lang.Thread.run(Thread.java:536)
21:34:34,675 INFO [JMSContainerInvoker] Trying to reconnect to JMS provider

And it keeps trying to reconnect to the JMS provider over and over, throwing exceptions all the while. If I put "guest" in as an authorized user, it works:

<depends optional-attribute-name="DestinationManager">jboss.mq:service=DestinationManager
<depends optional-attribute-name="SecurityManager">jboss.mq:service=SecurityManager

What I don't understand is that guest is not even involved in my application. I understand that "Destination without a configured SecurityManager or without a SecurityConf will default to role guest" as the configuration file indicates, but I think that, with your help, I have managed this. Clearly "guest" doesn't always have to be an authorized user, as this only is a problem with the titan-ReservationQueue, and I have another queue set up for listeners. Is it because I have a message-driven bean configured to listen to this queue and not to the other?

Still trying to work through the issues. Many thanks again for your help. Somehow EJB configuration seemed easier than this, in fact quite intuitive. Just practice, I suppose.

David
Actions
9. Re: JMS Security Question

pra Aug 19, 2002 3:40 AM (in response to davidsills)

Now its time to turn on trace logging to so if its the JAAS stuff that flakes somehow.

As far as I remember guest is an implicit user/role defineded in the auth.conf or the 3.0.1 eqvivalent. SO if you do noy want anonymous user at al, remove the mapping in auth.conf or do not set guest as allowed in your destination.

//Peter
Actions

Go to original post