Running JBoss3.2.2 (also tried RC4) I want to model the following scenario:
I have two roles, admin and client, no guest role. I put these only two users / roles in jbossmq-state.xml and removed all the "guest" - entries. The role of the client is named 'clientRole'. The client can connect and create a factory with his username/password. Fine. In the MBean descriptor for a queue I create on server startup I wrote:
The client cannot post messages to this queue, JMSSecurityException:
javax.jms.JMSSecurityException: Connection not autorized to addMessages to destination: jeremi_client_queue
If I add the same line regarding the clientRole in the file jbossmq-service.xml in the "DefaultSecurityConfig" section, the client can connect. But then I loose the individual settings per destination.
1) How are the settings for individual destinations and the settings in jbossmq-service.xml connected? Which one counts?
2) How can I model security constraints on a per destination basis?
3) When I create a temporary queue, which users are allowed to connect? Where can I configure this?