-
1. Re: 1.3.0 Temporary Destination - Full security
aslak Jun 14, 2007 5:04 PM (in response to aslak)I'd like to clearify my last post...
The last post was a bit of a mix between two different issues I was having.
The referencing source was more of an 'oddity' that I found looking for;
'Why I wasn't able to read from my temp destination even though I could see the message?'.
I had assumed that Queue/TopicRequestor handled the connection.start as well, guess not..
The main problem still is... I don't have read permission on my temporary destination by default.
Looking at the org.jboss.jms.server.container.SecurityAspect it might be missing something like(pesudo):
if (dest.isTemporary()) {
if(dest.getClientConnectionId != clientConnection.id)
throw SecurityException
}
I havn't found the correct semantics yet.
-aslak- -
2. Re: 1.3.0 Temporary Destination - Full security
sergeypk Jun 18, 2007 11:02 AM (in response to aslak)I have created a JIRA issue (http://jira.jboss.com/jira/browse/JBMESSAGING-993) for the first problem you describe (temporary destinations should not be bound to JNDI). As I investigate the other problems you mentioned I will create more issues if needed.
-
3. Re: 1.3.0 Temporary Destination - Full security
sergeypk Jun 19, 2007 6:33 AM (in response to aslak)Created http://jira.jboss.com/jira/browse/JBMESSAGING-994 for the security issue.
-
4. Re: 1.3.0 Temporary Destination - Full security
timfox Jun 19, 2007 7:48 AM (in response to aslak)