I'm using JBoss3.0. The way I understand security of JBossMQ is that it has its own security domain context setup in login-config.xml as "jbossmq". This references the DynamicLoginModule which references the StateManager which uses username/passwords/roles setup in jbossmq-state.xml.
What I don't understand is how I can login to this security context so that my EJB/MBean/What-have-you can gain access to things secured under jbossmq, specifically topics I've created. Let me be clear, everything works fine if I give the unauthenticatedIdentity full access, however I need to restrict access to unauthenticated users. My MDB's can gain access successfully w/ the somewhat hidden attributes <mdb-user> and <mdb-password> (setup in jboss.xml).
Can a someone give me some insight? The exact error I'm getting (even after logging in to the jbossmq application configuration) is:
javax.jms.JMSSecurityException: Connection not autorized to addMessages to destination: StateChange
Stepping through the code isn't shedding much light on the issue.
Nevermind, I figured it out. You have to login via the Connection Factory. Thanks.