0 Replies Latest reply on Sep 29, 2011 8:18 AM by Stéphane MASSON

    [REST] Expose and secure HornetQ (standalone) for both netty and REST clients

    Stéphane MASSON Newbie

      I'm trying to expose HornetQ for both netty and REST clients in an embed war as demonstrated in the 'mixed-jms-rest' example (HornetQ-REST-Examples_2.2.2.Final). (http://downloads.jboss.org/hornetq/HornetQ-REST-Examples_2.2.2.Final.zip)

       

      I would like to secure the destinations but if I secure the netty acceptor in hornetq-configuration.xml) e.g.:

      <security-setting match="jms.topic.secured.#">

         <permission type="createDurableQueue" roles="user"/>

         <permission type="deleteDurableQueue" roles="user"/>

         <permission type="createNonDurableQueue" roles="user"/>

         <permission type="deleteNonDurableQueue" roles="user"/>

         <permission type="consume" roles="consumer"/>

         <permission type="send" roles="producer"/>

      </security-setting>

       

      the REST interface is enable to connect. the error is:

       

      HornetQException[errorCode=105 message=User: null doesn't have permission='CREATE_DURABLE_QUEUE' on address jms.topic.secured.ExampleSecuredDurableTopic]

           at org.hornetq.rest.topic.SubscriptionsResource.createSubscription(SubscriptionsResource.java:217)

       

      Is there a solution to pass credentials form REST interface to HorentQ core, in this embedded use case?

       

      Or better: to secure only netty acceptor but not the InVM one (used by the REST interface)?

       

      Thanks in advance