3 Replies Latest reply on Sep 27, 2012 10:24 PM by Xin Zhang

    How to disable the JMS security

    Xin Zhang Novice

      Hi All


      I have a question about the JMS security in AS7, what should I do to disable the JMS security? for example:


            // Set up the context for the JNDI lookup

                  final Properties env = new Properties();


                  env.put(Context.PROVIDER_URL, System.getProperty(Context.PROVIDER_URL, PROVIDER_URL));

                 // it does not need the username and password

                  env.put(Context.SECURITY_PRINCIPAL, "username");

                  env.put(Context.SECURITY_CREDENTIALS, "password");

                  context = new InitialContext(env);



                  // Perform the JNDI lookups

                  String connectionFactoryString = System.getProperty("connection.factory", DEFAULT_CONNECTION_FACTORY);

                  log.info("Attempting to acquire connection factory \"" + connectionFactoryString + "\"");

                  connectionFactory = (ConnectionFactory) context.lookup(connectionFactoryString);

                  log.info("Found connection factory \"" + connectionFactoryString + "\" in JNDI");



                  String destinationString = System.getProperty("destination", DEFAULT_DESTINATION);

                  log.info("Attempting to acquire destination \"" + destinationString + "\"");

                  destination = (Destination) context.lookup(destinationString);

                  log.info("Found destination \"" + destinationString + "\" in JNDI");



                  // Create the JMS connection, session, producer, and consumer

                 // there is no need the username and password when create connection .

                 connection = connectionFactory.createConnection("usernme", "password");






        • 1. Re: How to disable the JMS security
          Wolf-Dieter Fink Master

          I suppose it is related to the security-setting of the messaging subsystem. Also you can add <security-enabled>false</security-enabled> to the hornetq-server element.


          Also the security-realm of the remoting subsystem might come into play for the physical connection (you might remove it to unsecure).


          You might have a look into the docs/schema/jboss-as-messaging*.xsd or you use the CLI interface to change the configuration, here you have tab-completition and help.

          • 2. Re: How to disable the JMS security
            Justin Bertram Master

            The first thing to realize here is that you're dealing with 2 different types of security.  The first is security on the JNDI call, the second is security on the messaging subsystem (i.e. HornetQ).  As Wolf mentioned, you can disable security on the messaging subsystem by setting:




            If you want to disable security for JNDI then (as Wolf mentioned) you can to remove the security-realm from the "remoting-connector".

            1 of 1 people found this helpful
            • 3. Re: How to disable the JMS security
              Xin Zhang Novice

              Thank you! the problem has been resolved