I simply include all the jars from the jboss\client directory in my classpath and then connect like this:
jndiContext = new InitialContext();
queueConnectionFactory = (QueueConnectionFactory)
peopleQueue = (Queue) jndiContext.lookup("queue/peopleQueue");
answerQueue = (Queue) jndiContext.lookup("queue/answerQueue");
queueSender = queueSession.createSender(peopleQueue);
message = queueSession.createTextMessage();
Oh yeah, I also have jndi.properties on my classpath.
Hope this helps,
I found the error myself. I needed to include the securityconf like in the testcase.
Then I get access from the same host as jboss is running. Does this also work from other hosts? Then I think it is a security problem, as the password is the only thing stopping others to access the JMS!
are you using the lates 3.0 source from CVS to do this?
- JbossMQ is much more secure today than i was a couple of weeks ago, since it is actually possible to enforce user/password for destination, which was not at all possible before.
- No, there is absolutely no way of having accessrights based on ip.
> are you using the lates 3.0 source from CVS to do
> - JbossMQ is much more secure today than i was a
> couple of weeks ago, since it is actually possible to
> enforce user/password for destination, which was not
> at all possible before.
But is this user/pw transferred securely over the internet? If not, it helps little if the client is on a public net.
> - No, there is absolutely no way of having
> accessrights based on ip.
It looks like to me to, that you either allow RMI queries (1099?), including JMS, or no at all. If it is not using a special port, the firewall will have no chance of stopping it. (without analyzing the traffic though)
That is true, its clear text passwords. But the JMS spec is really not designed to be run outside of intranets.
You could probably turn on encryption on the socket layer or RMI and get away with it, or try to integrate with Scots more secure password stuff and give it back to JBoss.
user/password is what there is for now. If you want something other, either chose another provider or contribute code to JBoss, or inspire someone else to do it.