This content has been marked as final.
Show 2 replies
-
1. Re: Secure Queue implementation in JBoss 4.0.2.GA
mskonda Jan 22, 2008 3:50 AM (in response to anupamkakade)You can secure your destinations (topics/queues) either individually or on a global basis.
Individual security:
Add the 'SecurityConfig' attribute with appropriate role access as shown below to the individual destination configuration:<mbean code="org.jboss.jms.server.destination.TopicService" name="jboss.messaging.destination:service=Topic,name=mySecuredTopic" xmbean-dd="xmdesc/Topic-xmbean.xml"> <depends optional-attribute-name="ServerPeer">jboss.messaging:service=ServerPeer</depends> <depends>jboss.messaging:service=PostOffice</depends> <attribute name="SecurityConfig"> <security> <role name="jms_sub" read="true" write="false" create="false"/> <role name="jms_pub" read="false" write="true" create="false"/> <role name="jms_pubsub" read="true" write="true" create="false"/> <role name="jms_dursub" read="true" write="false" create="true"/> <role name="jms_admin" read="true" write="true" create="true"/> </security> </attribute> </mbean>
Of course, thsoe roles should be defined in your data store.
On a global basis, edit the deploy/jboss-messaging.sar/messaging-service.xml and add the 'DefaultSecurityConfig' block:<attribute name="DefaultSecurityConfig"> <security> <role name="jms_sub" read="true" write="false" create="false"/> <role name="jms_pub" read="false" write="true" create="false"/> <role name="jms_pubsub" read="true" write="true" create="false"/> <role name="jms_dursub" read="true" write="false" create="true"/> <role name="jms_admin" read="true" write="true" create="true"/> </security> </attribute>
There's a detailed explanation on the user manual here.
http://labs.jboss.com/file-access/default/members/jbossmessaging/freezone/docs/userguide-1.4.0.SP3/html/configuration.html#conf.destination.queue.attributes.security
/Madhu -
2. Re: Secure Queue implementation in JBoss 4.0.2.GA
anupamkakade Jan 22, 2008 11:50 PM (in response to anupamkakade)Dear Madhusudan,
Thanks a lot . This is the first time i got a reply on jboss.org. I will try to do the same and will let u know as soon as it happens . Once again thanks alot .
Anupam Kakade.
atom technologies ltd.
anupamkakade1@gmail.com