13 Replies Latest reply on Apr 28, 2009 11:30 PM by Tim Fox

    Security Configuration --- getting confused

    Yong Hao Gao Master

      Hi, when working on the security example, I improved the configuration a little, adding some more stuff here. But I'm confused that the configuration seems not consistent with my result.

      In the configuration I have 4 users bill, andrew, frank and sam, each has different roles
      And I also configured 3 topics: genericTopic, news.europe.europeTopic and news.us.usTopic.
      The security settings can be simply described in the following chart:

      Users | user | news-user | europe-user | us-user
      --------------------------------------------------------------------
      bill | X | | |
      andrew | X | | X |
      frank | X | X | | X
      sam | X | X | |
      --------------------------------------------------------------------
      Topics | | | |
      --------------------------------------------------------------------
      genericTopic | rw | rw | rw | rw
      europeTopic | | r | w |
      usTopic | | r | | w
      --------------------------------------------------------------------
      
      Note:
      
      r --- means the corresponding role can receive messages from the topic
      w --- means the corresponding role can send messages to the topic
      
      


      But when I run the example to show the result, I got several 'Security Broken' cases, The output is:

      
       [java] User bill can send message: [hello-world-4] to topic: JBossTopic[genericTopic]
       [java] User bill can receive message: [hello-world-4] from topic: JBossTopic[genericTopic]
       [java] User andrew can send message: [hello-world-4] to topic: JBossTopic[genericTopic]
       [java] User andrew can receive message: [hello-world-4] from topic: JBossTopic[genericTopic]
       [java] User frank can send message: [hello-world-4] to topic: JBossTopic[genericTopic]
       [java] User frank can receive message: [hello-world-4] from topic: JBossTopic[genericTopic]
       [java] User sam can send message: [hello-world-4] to topic: JBossTopic[genericTopic]
       [java] User sam can receive message: [hello-world-4] from topic: JBossTopic[genericTopic]
       [java] User bill cannot create consumer on topic JBossTopic[news.europe.europeTopic]
       [java] User bill cannot send message [hello-world-3] to topic: JBossTopic[news.europe.europeTopic]
       [java] User andrew can send message [hello-world-2] to topic JBossTopic[news.europe.europeTopic]
       [java] Security setting is broken! User andrew can receive message [hello-world-2] from topic JBossTopic[news.europe.europeTopic]
       [java] Security setting is broken! User frank can send message [hello-world-1] to topic JBossTopic[news.europe.europeTopic]
       [java] User frank can receive message [hello-world-1] from topic JBossTopic[news.europe.europeTopic]
       [java] Security setting is broken! User sam can send message [hello-world-1] to topic JBossTopic[news.europe.europeTopic]
       [java] User sam can receive message [hello-world-1] from topic JBossTopic[news.europe.europeTopic]
       [java] User bill cannot create consumer on topic JBossTopic[news.us.usTopic]
       [java] User bill cannot send message [hello-world-3] to topic: JBossTopic[news.us.usTopic]
       [java] User andrew cannot send message [hello-world-3] to topic: JBossTopic[news.us.usTopic]
       [java] Security setting is broken! User andrew can receive message [hello-world-3] from topic JBossTopic[news.us.usTopic]
       [java] User frank can send message: [hello-world-4] to topic: JBossTopic[news.us.usTopic]
       [java] User frank can receive message: [hello-world-4] from topic: JBossTopic[news.us.usTopic]
       [java] Security setting is broken! User sam can send message [hello-world-1] to topic JBossTopic[news.us.usTopic]
       [java] User sam can receive message [hello-world-1] from topic JBossTopic[news.us.usTopic]
       [java] Java Result: 1
      
      


      If you take one error from the above, for example:
      Security setting is broken! User andrew can receive message [hello-world-2] from topic J
      BossTopic[news.europe.europeTopic]
      


      You can see user andrew can receive message from news.europe.europeTopic, which should not according to the chart.

      What's wrong? Can anybody help? I really have no idea.