Hello!

I am running jboss-4.2.1.GA and I have a jms queue which I want clients to listen at and the server to send to. The clients uses flex and the server java (of course). I have managed to do all this without any security constraints so both clients and the server are able to read and write to and from the jms queue.

I have tried to manipulate these files:
jboss/server/default/deploy/jms/jbossmq-destinations-service.xml
jboss/server/default/data/hypersonic/localDB.script
jboss/server/all/deploy-hasingleton/jms/jbossmq-service.xml
jboss/server/all/deploy-hasingleton/jms/jbossmq-destinations-service.xml
jboss/server/all/deploy-hasingleton/jms/hsqldb-jdbc-state-service.xml

without getting anywhere, either everyone is able to both read and write or noone is able to read/write.

How do I setup this user database? I have tried to find anything about it, but without luck.

Actually, I would like to have a security model thats not password based, but based on which ip thats connected to the jms queue. I would like to setup a solution where only connections from localhost can write to the queue, in other words the server. Is that possible?