0 Replies Latest reply on Apr 9, 2005 1:27 AM by Jens Elkner

    JMS + Security

    Jens Elkner Apprentice

      I've setup an application, which uses JMS Topics to inform stand-alone clients about certain state change. So the client subscribe to the well known topic and receive messages.

      Now I want to secure the topic, so that authenticated clients are able to subscribe to the topics, only. I've an application policy defined in conf/login-config.xml like this:

      <application-policy name="myApp">
       <authenication> ... </authentication>
      </application-policy>


      which is used by EJB3 @SecurityDomain. And a my-app-service.xml like:

      <server>
       <mbean code="org.jboss.mq.server.jmx.Topic"
       name="jboss.mq.destination:service=Topic,name=myApp">
       <attribute name="JNDIName">topic/myApp/check</attribute>
       <depends optional-attribute-name="DestinationManager"
       >jboss.mq:service=DestinationManager</depends>
       </mbean>
      </server>


      Problem: How do I need to change the my-app-service.xml to use the the roles from the "myApp" application policy?

      Of course, I can add
      <depends optional-attribute-name="SecurityManager">
       jboss.mq:service=SecurityManager
      <depends>

      but the problem is, that it refers to the <application-policy name="jbossmq">, which gets its information from a completely different datasource ...

      So, has anybody a hint for me ?