This content has been marked as final.
Show 6 replies
-
1. Re: Will other login modules work w/ Messaging?
ovidiu.feodorov Apr 28, 2006 1:02 PM (in response to oliverhrdz)Messaging should work with any JAAS loging module. It's true I didn't test it with DynamicLoginModule (it's a JBossMQ module). I'll investigate and get back to you.
-
2. Re: Will other login modules work w/ Messaging?
oliverhrdz Apr 28, 2006 3:53 PM (in response to oliverhrdz)I'm trying for the sake of testing to use the default login module, and cannot get it to work. From my client, I'm getting:
2006-04-28 14:33:42,293 WARN [inbound] An exception occurred on the server side when making remote invocation. The exception returned from server does not include a stack trace. Original server side exception message is User jms is NOT authenticated javax.jms.JMSSecurityException: User jms is NOT authenticated
The server doesn't log anything.
I added the security domain to my "login-config.xml" per the readme included with Messaging.
My messaging-users.properties:# A sample users.properties file for use with the UsersRolesLoginModule admin=admin jms=jms
My messaging-roles.properties:# A sample roles.properties file for use with the UsersRolesLoginModule admin=JBossAdmin,HttpInvoker jms=discon
My test queue I'm trying to send to:<?xml version="1.0" encoding="UTF-8"?> <server> <loader-repository>jboss.messaging:loader=ScopedLoaderRepository <loader-repository-config>java2ParentDelegation=false</loader-repository-config> </loader-repository> <mbean code="org.jboss.jms.server.destination.Queue" name="jboss.messaging.destination:service=Queue,name=99999" xmbean-dd="xmdesc/Queue-xmbean.xml"> <depends optional-attribute-name="ServerPeer">jboss.messaging:service=ServerPeer</depends> <attribute name="SecurityConfig"> <security> <role name="discon" read="true" write="true" create="true"/> </security> </attribute> </mbean> </server>
I can successfully send messages if I set the role for my queue to "guest", but not if I set it to my defined role.
TIA. -
3. Re: Will other login modules work w/ Messaging?
ovidiu.feodorov Apr 28, 2006 3:56 PM (in response to oliverhrdz)seems to be a bug. Please raise a JIRA issue, since 1.0.1.CR1 is not out yet, I'll try to include the fix in the release
-
4. Re: Will other login modules work w/ Messaging?
oliverhrdz May 1, 2006 12:51 PM (in response to oliverhrdz)I figured out the problem. May just require updating documentation. I added the following comment to the JIRA task I opened:
I believe this can be closed, the problem is due to a misconfiguration. I noticed within the current scoped sar of Messaging the "messaging-users.properties" and "messaging-roles.properties" files. I was configuring my users and roles in the files under the "\conf" folder. Once I removed the files from the scoped sar, I was able to send to my destinations configured with my security role. -
5. Re: Will other login modules work w/ Messaging?
ovidiu.feodorov May 1, 2006 12:56 PM (in response to oliverhrdz)Thanks, I'll update the documentation
-
6. Re: Will other login modules work w/ Messaging?
oliverhrdz May 2, 2006 1:31 PM (in response to oliverhrdz)"OliverHrdz" wrote:
In JBossMQ, we used the "org.jboss.mq.sm.file.DynamicLoginModule" login module configured to store hashed passwords in the "jbossmq-state.xml" file. I couldn't get this to work running Messaging under JBoss 4.0.3SP1. Is Messaging currently just limited to the "org.jboss.security.auth.spi.UsersRolesLoginModule" login module?
I only needed a way to store hashed passwords, and found out I could do this with the default login module "org.jboss.security.auth.spi.UsersRolesLoginModule", instead of the "org.jboss.mq.sm.file.DynamicLoginModule" login module that I couldn't get to work. The default module also takes the following options:<module-option name="hashAlgorithm">MD5</module-option> <module-option name="hashEncoding">base64</module-option>
This is well documented in the JBoss 4 AS Guide.