JMS user authentication error (remote) when requesting a Con
josey May 15, 2006 6:53 PMI have searched for a very long trying to trying to resolve this issue. Based on the posts, wiki pages that I have read (and other external pages) this all seems to be correct. So it is now time to request help.
I using a JBossMQ JMS server running in jboss4.02CR2. My MDBs deploy and consume messages fine and I have no problem producing messages locally (e.g., I can produce messages using a standalone client application running in another JVM on the same machine as the application server).
But when I try to send messages to the JMS server and I am running the message producer on another server I get an exception every time I try to get a connection from the ConnectionFactory (no problem getting the ConnectionFactory; the exception is thrown while executing this line:
factory.createConnection("guest", "guest"). Note that these machines are on the same network. The issue is a user authentication issue.
Here is the applicable stack trace:
15:25:00,906 DEBUG NestedThrowable: org.jboss.util.NestedThrowable.detectDuplicateNesting=true org.jboss.mq.SpyJMSException: Cannot authenticate user; - nested throwable: (java.net.ConnectException: Connection refused: connect) at org.jboss.mq.SpyJMSException.getAsJMSException(SpyJMSException.java:66) at org.jboss.mq.SpyJMSException.rethrowAsJMSException(SpyJMSException.java:51) at org.jboss.mq.Connection.authenticate(Connection.java:1118) at org.jboss.mq.Connection.<init>(Connection.java:267) at org.jboss.mq.SpyConnection.<init>(SpyConnection.java:57) at org.jboss.mq.SpyConnectionFactory.createConnection(SpyConnectionFactory.java:108) ....
Again, the exception is thrown when I execute this command:
connection = factory.createConnection("guest", "guest");
Here is how I get my InitialContext (which gets me the ConnectionFactory with no error):
Hashtable env = new Hashtable(); env.put(Context.SECURITY_PRINCIPAL, "guest"); env.put(Context.SECURITY_CREDENTIALS, "guest"); env.put(Context.INITIAL_CONTEXT_FACTORY, "org.jnp.interfaces.NamingContextFactory"); env.put(Context.PROVIDER_URL, "jnp://111.11.222.111"); //note: bogus ip address env.put(Context.URL_PKG_PREFIXES, "org.jboss.naming:org.jnp.interfaces" ); InitialContext ctx = new InitialContext(env);
From jbossmq-service.xml:
<mbean code="org.jboss.mq.security.SecurityManager" name="jboss.mq:service=SecurityManager"> <attribute name="DefaultSecurityConfig"> <security> <role name="guest" read="true" write="true" create="true"/> </security> </attribute> <attribute name="SecurityDomain">java:/jaas/jbossmq</attribute> <depends optional-attribute-name="NextInterceptor">jboss.mq:service=DestinationManager</depends> </mbean>
From login-conf.xml
<!-- Security domain for JBossMQ --> <application-policy name = "jbossmq"> <authentication> <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule" flag = "required"> <module-option name = "unauthenticatedIdentity">guest</module-option> <module-option name = "dsJndiName">java:/DefaultDS</module-option> <module-option name = "principalsQuery">SELECT PASSWD FROM JMS_USERS WHERE USERID=?</module-option> <module-option name = "rolesQuery">SELECT ROLEID, 'Roles' FROM JMS_ROLES WHERE USERID=?</module-option> </login-module> </authentication> </application-policy>
Note also that I have the appropriate db tables set up with the default user, role, password for "guest" that comes with this jboss release (I plan to change from using these defaults after I can get the default working).
Also, from jbossmq-destinations-service.xml (this should not matter with respect to creating a connection):
<mbean code="org.jboss.mq.server.jmx.Queue" name="jboss.mq.destination:service=Queue,name=MessageQueueA"> <depends optional-attribute-name="DestinationManager">jboss.mq:service=DestinationManager</depends> <depends optional-attribute-name="SecurityManager">jboss.mq:service=SecurityManager</depends> <attribute name="SecurityConf"> <security> <role name="guest" read="true" write="true"/> </security> </attribute> </mbean>
Again, this is only an issue when I try to use a remote client to produce the messages; running the same message producer code locally there is no issue.
Thanks for any help.