-
1. Re: JMS Message Level Authorization
adrian.brock Oct 7, 2003 5:20 PM (in response to wippel)There is no standard mechanism to do this.
The security is at the destination level.
Why can't you create separate topics for sensitive messages?
Regards,
Adrian -
2. Re: JMS Message Level Authorization
wippel Oct 8, 2003 7:17 AM (in response to wippel)Due to the nature of the problem, it would require perhaps 1000's of topics. Not sure if this is a problem.
-
3. Re: JMS Message Level Authorization
adrian.brock Oct 9, 2003 5:49 AM (in response to wippel)Why? Topics are just multiple fifo queues (one for each subscriber).
One to use one Topic would be to write your own
JBossMQ interceptor that modifies the user's selector
according to their authority when they subscribe.
e.g. If the message has a property that defines a "Role" that can
see the message, you would add
"and (Role = 'UserRole1' or Role = 'UserRole2')"
If the selector fails to match, the message is not added
to the user's subscription.
If you look at JBossMQ's security intercepor you can
see how it determines the roles for a user.
But checking the selector is likely to make it perform slower
than having multiple topics.
Regards,
Adrian