Difficulties while implementing Role Based Security in HornetQ Standalone Server with JMS Bridge
etp_scm Jul 9, 2012 6:17 AMHi,
I have implemented role based security in hornetq2.2.5.
But it only works till the time I dont use JMS Bridge. When I use JMS Bridge, it stops working
Following is hornetq-beans.xml
<?xml version="1.0" encoding="UTF-8" standalone="no"?><deployment xmlns="urn:jboss:bean-deployer:2.0">
<bean class="org.jnp.server.NamingBeanImpl" name="Naming"/>
<!-- JNDI server. Disable this if you don't want JNDI -->
<bean class="org.jnp.server.Main" name="JNDIServer">
<property name="namingInfo">
<inject bean="Naming"/>
</property>
<!-- **************************************** -->
<!-- Replace with the Replication Server address -->
<!-- **************************************** -->
<!--<property name="bindAddress">172.24.1.30</property>
****************************************
Replace with the Replication Server address
****************************************
<property name="rmiBindAddress">172.24.1.30</property>
<property name="port">1099</property>
<property name="rmiPort">1098</property>
-->
</bean>
<!-- MBean server -->
<bean class="javax.management.MBeanServer" name="MBeanServer">
<constructor factoryClass="java.lang.management.ManagementFactory" factoryMethod="getPlatformMBeanServer"/>
</bean>
<!-- The core configuration -->
<bean class="org.hornetq.core.config.impl.FileConfiguration" name="Configuration"/>
<!-- The security manager -->
<bean class="org.hornetq.spi.core.security.HornetQSecurityManagerImpl" name="HornetQSecurityManager">
<start ignored="true"/>
<stop ignored="true"/>
</bean>
<!-- The core server -->
<bean class="org.hornetq.core.server.impl.HornetQServerImpl" name="HornetQServer">
<constructor>
<parameter>
<inject bean="Configuration"/>
</parameter>
<parameter>
<inject bean="MBeanServer"/>
</parameter>
<parameter>
<inject bean="HornetQSecurityManager"/>
</parameter>
</constructor>
<start ignored="true"/>
<stop ignored="true"/>
</bean>
<!-- The JMS server -->
<bean class="org.hornetq.jms.server.impl.JMSServerManagerImpl" name="JMSServerManager">
<constructor>
<parameter>
<inject bean="HornetQServer"/>
</parameter>
</constructor>
</bean>
<!-- The Store to EAS JMS Bridge -->
<bean class="org.hornetq.jms.bridge.impl.JMSBridgeImpl" name="StoreToEASBridge">
<constructor>
<!-- Source ConnectionFactory Factory -->
<parameter>
<inject bean="StoreCFF"/>
</parameter>
<!-- Destination ConnectionFactory Factory -->
<parameter>
<inject bean="ServerCFF"/>
</parameter>
<!-- Source DestinationFactory -->
<parameter>
<inject bean="StoreToEASLocalDestinationFactory"/>
</parameter>
<!-- Target DestinationFactory -->
<parameter>
<inject bean="StoreToEASRemoteDestinationFactory"/>
</parameter>
<!-- Source username (no username here) -->
<parameter><null/></parameter>
<!-- Source password (no password here)-->
<parameter><null/></parameter>
<!-- Target username (no username here)-->
<parameter><null/></parameter>
<!-- Target password (no password here)-->
<parameter><null/></parameter>
<!-- Selector -->
<parameter><null/></parameter>
<!-- Interval to retry in case of failure (in ms) -->
<parameter>5000</parameter>
<!-- Maximum number of retries to connect to the source and target -->
<parameter>-1</parameter>
<!-- Quality of service -->
<parameter>ONCE_AND_ONLY_ONCE</parameter>
<!-- Maximum batch size -->
<parameter>1</parameter>
<!-- Maximum batch time (-1 means infinite) -->
<parameter>-1</parameter>
<!-- Subscription name (no subscription name here)-->
<parameter><null/></parameter>
<!-- client ID (no client ID here)-->
<parameter><null/></parameter>
<!-- concatenate JMS messageID to the target's message header -->
<parameter>true</parameter>
<!-- register the JMS Bridge in the JMX MBeanServer -->
<parameter>
<inject bean="MBeanServer"/>
</parameter>
<parameter>org.hornetq:service=StoreToEASBridge</parameter>
</constructor>
<property name="transactionManager">
<inject bean="TransactionManager"/>
</property>
<!-- HornetQ JMS Server must be started before the bridge -->
<depends>JMSServerManager</depends>
</bean>
<bean class="com.arjuna.ats.internal.jta.transaction.arjunacore.TransactionManagerImple" name="TransactionManager">
</bean>
<!-- StoreCFF describes the ConnectionFactory used to connect to the Replication Store destination -->
<bean class="org.hornetq.jms.bridge.impl.JNDIConnectionFactoryFactory" name="StoreCFF">
<constructor>
<parameter>
<inject bean="StoreJNDI"/>
</parameter>
<parameter>/ConnectionFactory</parameter>
</constructor>
</bean>
<!-- ServerCFF describes the ConnectionFactory used to connect to the Replication Server destination -->
<bean class="org.hornetq.jms.bridge.impl.JNDIConnectionFactoryFactory" name="ServerCFF">
<constructor>
<parameter>
<inject bean="ServerJNDI"/>
</parameter>
<parameter>/XAConnectionFactory</parameter>
</constructor>
</bean>
<!-- StoreToEASLocalDestinationFactory describes the Destination used as the StoreToEAS queue at Replication Store -->
<bean class="org.hornetq.jms.bridge.impl.JNDIDestinationFactory" name="StoreToEASLocalDestinationFactory">
<constructor>
<parameter>
<inject bean="StoreJNDI"/>
</parameter>
<parameter>/queue/storeToEASQueue</parameter>
</constructor>
</bean>
<!-- StoreToEASRemoteDestinationFactory describes the Destination used as StoreToEAS queue at Replication Server -->
<bean class="org.hornetq.jms.bridge.impl.JNDIDestinationFactory" name="StoreToEASRemoteDestinationFactory">
<constructor>
<parameter>
<inject bean="ServerJNDI"/>
</parameter>
<parameter>/queue/storeToEASQueue</parameter>
</constructor>
</bean>
<!-- StoreJNDI is a Hashtable containing the JNDI properties required -->
<!-- to connect to theReplication Store JMS resources -->
<bean class="java.util.Hashtable" name="StoreJNDI">
<constructor class="java.util.Map">
<map class="java.util.Hashtable" keyClass="java.lang.String" valueClass="java.lang.String">
<entry>
<key>java.naming.factory.initial</key>
<value>org.jnp.interfaces.NamingContextFactory</value>
</entry>
<entry>
<key>java.naming.provider.url</key>
<!-- **************************************** -->
<!-- Replace with the *source* server address -->
<!-- **************************************** -->
<value>jnp://172.24.1.100:1099</value>
</entry>
<entry>
<key>java.naming.factory.url.pkgs</key>
<value>org.jboss.naming:org.jnp.interfaces"</value>
</entry>
<entry>
<key>jnp.timeout</key>
<value>5000</value>
</entry>
<entry>
<key>jnp.sotimeout</key>
<value>5000</value>
</entry>
</map>
</constructor>
</bean>
<!-- ServerJNDI is a Hashtable containing the JNDI properties required -->
<!-- to connect to the Replication Server JMS resources -->
<bean class="java.util.Hashtable" name="ServerJNDI">
<constructor class="java.util.Map">
<map class="java.util.Hashtable" keyClass="java.lang.String" valueClass="java.lang.String">
<entry>
<key>java.naming.factory.initial</key>
<value>org.jnp.interfaces.NamingContextFactory</value>
</entry>
<entry>
<key>java.naming.provider.url</key>
<!-- **************************************** -->
<!-- Replace with the *target* server address -->
<!-- **************************************** -->
<value>jnp://172.24.1.30:1099</value>
</entry>
<entry>
<key>java.naming.factory.url.pkgs</key>
<value>org.jboss.naming:org.jnp.interfaces"</value>
</entry>
<entry>
<key>jnp.timeout</key>
<value>5000</value>
</entry>
<entry>
<key>jnp.sotimeout</key>
<value>5000</value>
</entry>
</map>
</constructor>
</bean>
<!-- The Store to EAS Reply JMS Bridge -->
<bean class="org.hornetq.jms.bridge.impl.JMSBridgeImpl" name="StoreToEASReplyBridge">
<constructor>
<!-- Source ConnectionFactory Factory -->
<parameter>
<inject bean="ServerCFF"/>
</parameter>
<!-- Destination ConnectionFactory Factory -->
<parameter>
<inject bean="StoreCFF"/>
</parameter>
<!-- Source DestinationFactory -->
<parameter>
<inject bean="StoreToEASReplyRemoteDestinationFactory"/>
</parameter>
<!-- Target DestinationFactory -->
<parameter>
<inject bean="StoreToEASReplyLocalDestinationFactory"/>
</parameter>
<!-- Source username (no username here) -->
<parameter><null/></parameter>
<!-- Source password (no password here)-->
<parameter><null/></parameter>
<!-- Target username (no username here)-->
<parameter><null/></parameter>
<!-- Target password (no password here)-->
<parameter><null/></parameter>
<!-- Selector -->
<parameter>Company = 100 AND Division = '200'AND OperatingUnit = 'NLD'AND StoreCode = 'NS01'</parameter>
<!-- Interval to retry in case of failure (in ms) -->
<parameter>5000</parameter>
<!-- Maximum number of retries to connect to the source and target -->
<parameter>-1</parameter>
<!-- Quality of service -->
<parameter>ONCE_AND_ONLY_ONCE</parameter>
<!-- Maximum batch size -->
<parameter>1</parameter>
<!-- Maximum batch time (-1 means infinite) -->
<parameter>-1</parameter>
<!-- Subscription name (no subscription name here)-->
<parameter><null/></parameter>
<!-- client ID (no client ID here)-->
<parameter><null/></parameter>
<!-- concatenate JMS messageID to the target's message header -->
<parameter>true</parameter>
<!-- register the JMS Bridge in the JMX MBeanServer -->
<parameter>
<inject bean="MBeanServer"/>
</parameter>
<parameter>org.hornetq:service=StoreToEASReplyBridge</parameter>
</constructor>
<property name="transactionManager">
<inject bean="TransactionManager"/>
</property>
<!-- HornetQ JMS Server must be started before the bridge -->
<depends>JMSServerManager</depends>
</bean>
<!-- StoreToEASLocalDestinationFactory describes the Destination used as the StoreToEAS queue at Replication Store -->
<bean class="org.hornetq.jms.bridge.impl.JNDIDestinationFactory" name="StoreToEASReplyLocalDestinationFactory">
<constructor>
<parameter>
<inject bean="StoreJNDI"/>
</parameter>
<parameter>/queue/storeToEASReplyQueue</parameter>
</constructor>
</bean>
<!-- StoreToEASRemoteDestinationFactory describes the Destination used as StoreToEAS queue at Replication Server -->
<bean class="org.hornetq.jms.bridge.impl.JNDIDestinationFactory" name="StoreToEASReplyRemoteDestinationFactory">
<constructor>
<parameter>
<inject bean="ServerJNDI"/>
</parameter>
<parameter>/queue/storeToEASReplyQueue</parameter>
</constructor>
</bean>
</deployment>
Following is the stack trace
HornetQException[errorCode=105 message=Unable to validate user: null]
at org.hornetq.core.security.impl.SecurityStoreImpl.authenticate(SecurityStoreImpl.java:141)
at org.hornetq.core.server.impl.HornetQServerImpl.createSession(HornetQServerImpl.java:916)
at org.hornetq.core.protocol.core.impl.HornetQPacketHandler.handleCreateSession(HornetQPacketHandler.java:168)
at org.hornetq.core.protocol.core.impl.HornetQPacketHandler.handlePacket(HornetQPacketHandler.java:84)
at org.hornetq.core.protocol.core.impl.ChannelImpl.handlePacket(ChannelImpl.java:474)
at org.hornetq.core.protocol.core.impl.RemotingConnectionImpl.doBufferReceived(RemotingConnectionImpl.java:496)
at org.hornetq.core.protocol.core.impl.RemotingConnectionImpl.bufferReceived(RemotingConnectionImpl.java:457)
at org.hornetq.core.remoting.server.impl.RemotingServiceImpl$DelegatingBufferHandler.bufferReceived(RemotingServiceImpl.java:459)
at org.hornetq.core.remoting.impl.netty.HornetQChannelHandler.messageReceived(HornetQChannelHandler.java:73)
at org.jboss.netty.channel.SimpleChannelHandler.handleUpstream(SimpleChannelHandler.java:100)
at org.jboss.netty.channel.StaticChannelPipeline.sendUpstream(StaticChannelPipeline.java:362)
at org.jboss.netty.channel.StaticChannelPipeline$StaticChannelHandlerContext.sendUpstream(StaticChannelPipeline.java:514)
at org.jboss.netty.channel.Channels.fireMessageReceived(Channels.java:287)
at org.hornetq.core.remoting.impl.netty.HornetQFrameDecoder2.decode(HornetQFrameDecoder2.java:169)
at org.hornetq.core.remoting.impl.netty.HornetQFrameDecoder2.messageReceived(HornetQFrameDecoder2.java:134)
at org.jboss.netty.channel.SimpleChannelUpstreamHandler.handleUpstream(SimpleChannelUpstreamHandler.java:80)
at org.jboss.netty.channel.StaticChannelPipeline.sendUpstream(StaticChannelPipeline.java:362)
at org.jboss.netty.channel.StaticChannelPipeline.sendUpstream(StaticChannelPipeline.java:357)
at org.jboss.netty.channel.Channels.fireMessageReceived(Channels.java:274)
at org.jboss.netty.channel.Channels.fireMessageReceived(Channels.java:261)
at org.jboss.netty.channel.socket.oio.OioWorker.run(OioWorker.java:90)
at org.jboss.netty.util.ThreadRenamingRunnable.run(ThreadRenamingRunnable.java:108)
at org.jboss.netty.util.internal.IoWorkerRunnable.run(IoWorkerRunnable.java:46)
at org.jboss.netty.util.VirtualExecutorService$ChildExecutorRunnable.run(VirtualExecutorService.java:181)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
at java.lang.Thread.run(Thread.java:662)