-
1. Re: Enabling security for HornetQ
stianst Sep 15, 2011 10:17 AM (in response to stianst)Bump.. Does no one know the answer to this?
-
2. Re: Enabling security for HornetQ
fabrizio.benedetti Sep 16, 2011 6:43 AM (in response to stianst)Try adding a security-domain in standalone.xml or domain.xml:
<subsystem xmlns="urn:jboss:domain:security:1.0">
<security-domains>
<security-domain name="hornetq">
<authentication>
<login-module code="UsersRoles " flag="required">
<module-option name="usersProperties" value="file:///path/to/props/hornetq-users.properties"/>
<module-option name="rolesProperties" value="file:///path/to/props/hornetq-roles.properties"/>
</login-module>
</authentication>
</security-domain>
</security-domains>
</subsystem>
-
3. Re: Enabling security for HornetQ
stianst Sep 21, 2011 5:22 AM (in response to fabrizio.benedetti)Tried that. I've tried to add the following:
<subsystem xmlns="urn:jboss:domain:security:1.0">
<security-domains>
<security-domain name="other" cache-type="default">
<authentication>
<login-module code="UsersRoles" flag="required">
<module-option name="usersProperties" value="file:///tmp/hornetq-users.properties"/>
<module-option name="rolesProperties" value="file:///tmp/hornetq-roles.properties"/>
</login-module>
</authentication>
</security-domain>
<security-domain name="messaging">
<authentication>
<login-module code="UsersRoles " flag="required">
<module-option name="usersProperties" value="file:///tmp/hornetq-users.properties"/>
<module-option name="rolesProperties" value="file:///tmp/hornetq-roles.properties"/>
</login-module>
</authentication>
</security-domain>
<security-domain name="hornetq">
<authentication>
<login-module code="UsersRoles " flag="required">
<module-option name="usersProperties" value="file:///tmp/hornetq-users.properties"/>
<module-option name="rolesProperties" value="file:///tmp/hornetq-roles.properties"/>
</login-module>
</authentication>
</security-domain>
</security-domains>
</subsystem>
Still able to send messages without supplying a username/password. You would also think that something would complain if the security-domain was missing? Instead of simply bypassing security?
-
4. Re: Enabling security for HornetQ
fabrizio.benedetti Sep 21, 2011 5:32 AM (in response to stianst)You're right, the security-domain is not sufficient. Messages can be sent without authentication.
I think that it is missing a mapping between messaging subsystem and the security domain "hornetq".
HornetQ in 7.0.1 does not yet support security?
-
5. Re: Enabling security for HornetQ
stianst Sep 21, 2011 12:53 PM (in response to fabrizio.benedetti)Either there are some missing steps in the documentation (https://docs.jboss.org/author/display/AS7/Messaging+configuration) or its simply not working. Not much response on this issue though :|
-
6. Re: Enabling security for HornetQ
jaikiran Sep 23, 2011 9:08 AM (in response to stianst)I'm not sure if this has been integrated in AS7, yet. Please bring this up in the as7 dev list https://lists.jboss.org/mailman/listinfo/jboss-as7-dev
-
7. Re: Enabling security for HornetQ
stianst Oct 11, 2011 7:34 AM (in response to stianst)Thread about this in as7 dev list: http://lists.jboss.org/pipermail/jboss-as7-dev/2011-October/004056.html
-
8. Re: Enabling security for HornetQ
ohmygod Jun 28, 2012 12:34 PM (in response to stianst)It seems I am having just the opposite issue: authenticate with null user error.
https://community.jboss.org/message/744809#744809
I am wondering how to disable this in JBoss7..
-
9. Re: Enabling security for HornetQ
jbertram Jun 28, 2012 2:35 PM (in response to stianst)HornetQ is secured by default in the latest versions of JBoss AS7 (i.e. 7.1.1.Final and 7.2.0.Alpha1-SNAPSHOT from Git). My guess is that the security integration wasn't available in the version you were using.