3 Replies Latest reply on Jul 9, 2012 4:24 AM by ataylor

    Problem while implementing Role Based Security in HornetQ Standalone Server

    etp_scm
    etp_scm Jul 9, 2012 2:14 AM

      Hi,

       

      I am trying to implement Role Based Security in HornetQ Standalone server(HornetQ 2.2.5) . Following are the configuration files

       

      HornetQ-configuration.xml

       

      <security-settings>

               <security-setting match="jms.queue.ReplicationStore.#">

                  <permission type="consume" roles="user"/>

                  <permission type="send" roles="user"/>

                  <permission type="createNonDurableQueue" roles="user"/>

                  <permission type="deleteNonDurableQueue" roles="user"/>

                  <permission type="createDurableQueue" roles="user"/>

                         <permission type="deleteDurableQueue" roles="user"/>

               </security-setting>

       

       

          </security-settings>

       

      hornetq-jms.xml

       

      <queue name="ReplicationStore.StoreUploadQueue">

            <entry name="/queue/storeToEASQueue"/>

         </queue>

       

       

         <queue name="ReplicationStore.StoreReplyQueue">

            <entry name="/queue/storeToEASReplyQueue"/>

         </queue>

        

         <queue name="ReplicationStore.EASUploadQueue">

            <entry name="/queue/EASToStoreQueue"/>

         </queue>

       

       

         <queue name="ReplicationStore.EASReplyQueue">

            <entry name="/queue/EASToStoreReplyQueue"/>

         </queue>

       

      hornetq-users.xml

       

      <user name="bill" password="hornetq">

            <role name="user"/>

         </user>

       

       

      I am creating a connection using this :-

       

      mwwObjConnection = mwwObjConnectionFactory.createConnection("bill","hornetq");

       

      When I start the server, I get the following error

       

      HornetQException[errorCode=105 message=Unable to validate user: null]

              at org.hornetq.core.security.impl.SecurityStoreImpl.authenticate(SecurityStoreImpl.java:141)

              at org.hornetq.core.server.impl.HornetQServerImpl.createSession(HornetQServerImpl.java:916)

              at org.hornetq.core.protocol.core.impl.HornetQPacketHandler.handleCreateSession(HornetQPacketHandler.java:168)

              at org.hornetq.core.protocol.core.impl.HornetQPacketHandler.handlePacket(HornetQPacketHandler.java:84)

              at org.hornetq.core.protocol.core.impl.ChannelImpl.handlePacket(ChannelImpl.java:474)

              at org.hornetq.core.protocol.core.impl.RemotingConnectionImpl.doBufferReceived(RemotingConnectionImpl.java:496)

              at org.hornetq.core.protocol.core.impl.RemotingConnectionImpl.bufferReceived(RemotingConnectionImpl.java:457)

              at org.hornetq.core.remoting.server.impl.RemotingServiceImpl$DelegatingBufferHandler.bufferReceived(RemotingServiceImpl.java:459)

              at org.hornetq.core.remoting.impl.netty.HornetQChannelHandler.messageReceived(HornetQChannelHandler.java:73)

              at org.jboss.netty.channel.SimpleChannelHandler.handleUpstream(SimpleChannelHandler.java:100)

              at org.jboss.netty.channel.StaticChannelPipeline.sendUpstream(StaticChannelPipeline.java:362)

              at org.jboss.netty.channel.StaticChannelPipeline$StaticChannelHandlerContext.sendUpstream(StaticChannelPipeline.java:514)

              at org.jboss.netty.channel.Channels.fireMessageReceived(Channels.java:287)

              at org.hornetq.core.remoting.impl.netty.HornetQFrameDecoder2.decode(HornetQFrameDecoder2.java:169)

              at org.hornetq.core.remoting.impl.netty.HornetQFrameDecoder2.messageReceived(HornetQFrameDecoder2.java:134)

              at org.jboss.netty.channel.SimpleChannelUpstreamHandler.handleUpstream(SimpleChannelUpstreamHandler.java:80)

              at org.jboss.netty.channel.StaticChannelPipeline.sendUpstream(StaticChannelPipeline.java:362)

              at org.jboss.netty.channel.StaticChannelPipeline.sendUpstream(StaticChannelPipeline.java:357)

              at org.jboss.netty.channel.Channels.fireMessageReceived(Channels.java:274)

              at org.jboss.netty.channel.Channels.fireMessageReceived(Channels.java:261)

              at org.jboss.netty.channel.socket.oio.OioWorker.run(OioWorker.java:90)

              at org.jboss.netty.util.ThreadRenamingRunnable.run(ThreadRenamingRunnable.java:108)

              at org.jboss.netty.util.internal.IoWorkerRunnable.run(IoWorkerRunnable.java:46)

              at org.jboss.netty.util.VirtualExecutorService$ChildExecutorRunnable.run(VirtualExecutorService.java:181)

              at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)

              at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)

              at java.lang.Thread.run(Thread.java:662)

       

      I cannot understand why am I getting this error when I am not even using the default user.

       

      Even when I add the default user in hornetq-users.xml, then the server throws an exception

       

      javax.jms.JMSSecurityException: User: null doesn't have permission='CONSUME' on address jms.queue.ReplicationStore.StoreUploadQueue

       

      Only when I create a default user and add default user's role in <security-settings>, then only it works..

       

      Please help..