1 Reply Latest reply on Dec 14, 2006 1:08 AM by weston.price

createConnection(username,password) behavior with jmsra

starksm64 Dec 13, 2006 4:41 AM

I'm surprised I have not run across this before, but we don't support passing in the security domain authentication information via the jms factory createQueueConnection(String, String) call for example. Seems like we could have a security-domain-and-application-cri style of tx-connection-factory paramater that would allow the allocateConnection to use the ConnectionRequestInfo login info if it supported it. At the following BaseConnectionManager2.allocateConnection call, the cri is an opaque interface:

 public Object allocateConnection(ManagedConnectionFactory mcf, ConnectionRequestInfo cri) throws ResourceException
 {
 if (poolingStrategy == null)
 throw new ResourceException(
 "You are trying to use a connection factory that has been shut down: ManagedConnectionFactory is null.");

 //it is an explicit spec requirement that equals be used for matching rather than ==.
 if (!poolingStrategy.getManagedConnectionFactory().equals(mcf))
 throw new ResourceException("Wrong ManagedConnectionFactory sent to allocateConnection!");

 // Pick a managed connection from the pool
 Subject subject = getSubject();
 ConnectionListener cl = getManagedConnection(subject, cri);

We would have to use reflection or something to see if the cri supported a PasswordCredential property or something. Since that is rather hacky, I suppose that is why?

1. Re: createConnection(username,password) behavior with jmsra

weston.price Dec 14, 2006 1:08 AM (in response to starksm64)

Interesting. There shouldn't be anything to prohibit this as we do exactly the same thing for JDBC connections and domain based authentication where the username/password get extracted from the Subject.

JIRA

http://jira.jboss.org/jira/browse/JBAS-3943
Actions