Just to add a couple of things about our configuration, JBM is using the default "messaging" realm with no changes.
Do you expect that after the send, JBM sets the Principle to the context? I don't think JBM will do this. Authentication and authorization are done at the server end.
Maybe i didn't understand you correctly. if so, can you give some code sample to illustrate? Thanks.
No I did not expect it to set the principal to the context. However, I also did not expect the send call to "wipe-out" the existing credentials associated with the calling thread.
System.out.println("In start of JMS Feed Session:" + JBossUtils.getCurrentUsername()); <== Non null principal defaultPublisher.send(outboundQueue, message); System.out.println("In start (After Send) of JMS Feed Session:" + JBossUtils.getCurrentUsername()); <===== NULL
Are you using JmsXA? I don't think JBM changes any security context during a send.
We use "ConnectionFactory" to create the connection factory which is defined as:
<mbean code="org.jboss.jms.server.connectionfactory.ConnectionFactory" name="jboss.messaging.connectionfactory:service=ConnectionFactory" xmbean-dd="xmdesc/ConnectionFactory-xmbean.xml"> <depends optional-attribute-name="ServerPeer">jboss.messaging:service=ServerPeer</depends> <depends optional-attribute-name="Connector">jboss.messaging:service=Connector,transport=bisocket</depends> <depends>jboss.messaging:service=PostOffice</depends> <attribute name="JNDIBindings"> <bindings> <binding>/ConnectionFactory</binding> <binding>/XAConnectionFactory</binding> <binding>java:/ConnectionFactory</binding> <binding>java:/XAConnectionFactory</binding> </bindings> </attribute> </mbean>
Thanks for your quick response.
Hi thanks for the info.
I checked JBM code and couldn't find any code that changes the context. Maybe it's a good idea that you put your question to the jboss security forum too.
I actually just tried JBM 2.0 Beta and it worked correctly. Same code different JMS implementation. I will see if I can dig deeper.
SecurityAssociation.getCallerPrincipal() ---->get the right user
connection = queueFactory.createQueueConnection("guest","guest"); session = connection.createQueueSession(true,Session.AUTO_ACKNOWLEDGE); queue = (Queue)sls.getJNDIResource(queueName); queueSender = session.createSender(queue); ObjectMessage obj_message = session.createObjectMessage(); obj_message.setObject(obj); queueSender.send(obj_message);
SecurityAssociation.getCallerPrincipal() ----->principal= null
1)How can I upgrade from JBM 1.4.3 ->JBM2.0.0.B4
2)If I pop the seucrity context before invoke JMS code, and push back after queueSender.send(), works while executed later EJB code, but still get the principal=null when execution come out to the Sturct action layer and invoke EJB code again