3 Replies Latest reply on Sep 27, 2012 10:24 PM by xin.zhang.song

    How to disable the JMS security

    xin.zhang.song
    xin.zhang.song Sep 26, 2012 11:40 PM

      Hi All

       

      I have a question about the JMS security in AS7, what should I do to disable the JMS security? for example:

       

            // Set up the context for the JNDI lookup

                  final Properties env = new Properties();

                  env.put(Context.INITIAL_CONTEXT_FACTORY, INITIAL_CONTEXT_FACTORY);

                  env.put(Context.PROVIDER_URL, System.getProperty(Context.PROVIDER_URL, PROVIDER_URL));

                 // it does not need the username and password

                  env.put(Context.SECURITY_PRINCIPAL, "username");

                  env.put(Context.SECURITY_CREDENTIALS, "password");

                  context = new InitialContext(env);

       

       

                  // Perform the JNDI lookups

                  String connectionFactoryString = System.getProperty("connection.factory", DEFAULT_CONNECTION_FACTORY);

                  log.info("Attempting to acquire connection factory \"" + connectionFactoryString + "\"");

                  connectionFactory = (ConnectionFactory) context.lookup(connectionFactoryString);

                  log.info("Found connection factory \"" + connectionFactoryString + "\" in JNDI");

       

       

                  String destinationString = System.getProperty("destination", DEFAULT_DESTINATION);

                  log.info("Attempting to acquire destination \"" + destinationString + "\"");

                  destination = (Destination) context.lookup(destinationString);

                  log.info("Found destination \"" + destinationString + "\" in JNDI");

       

       

                  // Create the JMS connection, session, producer, and consumer

                 // there is no need the username and password when create connection .

                 connection = connectionFactory.createConnection("usernme", "password");

       

       

      Thanks

       

      Xin

        • 1. Re: How to disable the JMS security
          wdfink
          wdfink Sep 27, 2012 2:45 AM (in response to xin.zhang.song)

          I suppose it is related to the security-setting of the messaging subsystem. Also you can add <security-enabled>false</security-enabled> to the hornetq-server element.

           

          Also the security-realm of the remoting subsystem might come into play for the physical connection (you might remove it to unsecure).

           

          You might have a look into the docs/schema/jboss-as-messaging*.xsd or you use the CLI interface to change the configuration, here you have tab-completition and help.

            • Actions
          • 2. Re: How to disable the JMS security
            jbertram
            jbertram Sep 27, 2012 10:23 AM (in response to xin.zhang.song)

            The first thing to realize here is that you're dealing with 2 different types of security.  The first is security on the JNDI call, the second is security on the messaging subsystem (i.e. HornetQ).  As Wolf mentioned, you can disable security on the messaging subsystem by setting:

             

            <security-enabled>false</security-enabled>

             

            If you want to disable security for JNDI then (as Wolf mentioned) you can to remove the security-realm from the "remoting-connector".

            1 of 1 people found this helpful
              • Actions
            • 3. Re: How to disable the JMS security
              xin.zhang.song
              xin.zhang.song Sep 27, 2012 10:24 PM (in response to xin.zhang.song)

              Thank you! the problem has been resolved

                • Actions