5 Replies Latest reply on Jan 16, 2012 2:57 PM by davidw53

    Set up HornetQ JMS security

    davidw53

      Having tested the hornetq security example, I have not been able to secure any JMS destinations in JBoss

       

      I created this bug report https://issues.jboss.org/browse/AS7-3150

       

      The best guess is that HornetQ security manager is not configured.

       

      Does anyone know how to set this up in code or otherwise?

        • 1. Re: Set up HornetQ JMS security
          davidw53

          Seriously, I'm a little surprised that no one else seems interested. Even if this is optional in the JMS spec (I don't know) and its absense does not amount to an instability, I seems like quite an omission to me.

           

          I conventionally set up security even for servers that have no direct external access, as it is a good way to e.g. prevent accidental crosstalk between development and production systems. It's the same reason that you conventionally log into internal-only DB connections.

           

          I've half a mind to fix this myself. I imagine that a hornetq security domain needs setting up, with a default guest login and role. The hornetq security manager must be instantiated from this and then passed to the hornetq server instance(s). Perhaps the hornetq server instance should reference a security domain as it seems possible to set up multiple horentq server instances (I havn't tried it).

           

          I'm more likely to go ahead with this if there's at least some support/interest from others.

          • 2. Re: Set up HornetQ JMS security
            stianst

            I would like to see this issue fixed, see my initial comment on it here http://community.jboss.org/message/631110.

            • 3. Re: Set up HornetQ JMS security
              yves.p

              I'm also interested in a fix. I want to use HornetQ with security features as a central messaging server and I want to used it inside JBoss 7 (not standalone) so I don't need two different operating concepts (one for HornetQ and one for JBoss 7). Using it inside JBoss 7 has also other advantages like the CLI or the Webconsole.

              • 4. Re: Set up HornetQ JMS security
                davidw53

                I want to use HornetQ with Tomcat and, without any great desire to use EJB, JBoss is a simple way to do it, and the performance/scalability gap should now be much reduced with JBoss'es modules implementation.

                 

                Later I will want to also use Tomcat with JPA/hibernate, and using JBoss everywhere is much more straigtforward and less hassle than contriving different setups for each different application.

                • 5. Re: Set up HornetQ JMS security
                  davidw53

                  Would those who wish to see this fixed please vote for https://issues.jboss.org/browse/AS7-3150 as well as replying here?

                   

                  There is some hope for a fix as the bug has been assigned to be fixed in 7.1.0.Final