Security on a JMS Queue

lynke Oct 17, 2003 5:03 AM

I have been trying to get a JMS queue secured which has a messagedrivenbean consuming the messages from it and have come across a small problem.

When I change the security conf in the jboss-mqdestinations, unless there is a guest configuration there, no clients can log in without authentcation to post messages(good) but the messagedrivenbean also can't be authorized (even with run-as set).

Does anyone know how to prevent some people from posting to a JMS queue and still have it consumed by a message driven bean?

Any help would be greatly appreciated!!

Using JBoss 3.2.1 stable version

Regards,
Les

1. Re: Security on a JMS Queue

adrian.brock Oct 17, 2003 8:05 AM (in response to lynke)

<run-as> is not relevent, it is used for authorization
for things invoked from the onMessage method.

You are interested in authorization when the MDB retrieves the
message. In jboss.xml

<message-driven>

<ejb-name>test/MyQueue</ejb-name>

<destination-jndi-name>queue/MyQueue</destination-jndi-name>
<mdb-user>guest</mdb-user>
<mdb-passwd>guest</mdb-passwd>
</message-driven>

Regards,
Adrian
Actions
2. Re: Security on a JMS Queue

lynke Oct 19, 2003 8:59 AM (in response to lynke)

Thanks Adrian!!

This works like a dream :) ..

Much appreciated!!

Regards,
Les
Actions

Go to original post