I have a situation - I got an MDB that needs by passing the secured JMS Server.
That is, I have a secured JBM using DatabaseLoginModule.
The login-config.xml's messaging domain reflects use of this module.
The messaging-service.xml is updated to add the DefaultSecurityConfig.
Now, I want the external clients to get authenticated and authorised while my MDB should by pass.
So, I've added unauthenticatedIdentity as 'guest' to the 'messaging' applicaiton policy in login-config.xml
I've added the relevant security-identity and security-role to the ejb-jar.xml.
I've also added security-domain to the jboss.xml - I've pointed to java:jaas/messaging (tried with 'other' too). Iv'e added the security-domain to the container configuraiton too.
Inspite of doign this, when I deploy my MDB it complains saying the user null is not authenticated.
I'll appreciate if someone thorws a bit of light on this issue.
(My understanding is that MDB uses the DefaultJMSProvider which inturns uses the default (XA)ConnectionFactory which I think uses the 'messaging' applicaiton policy - right or wrong?)