[jboss-cvs] JBoss Messaging SVN: r6492 - in trunk/examples/jms: security and 1 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Mon Apr 20 08:14:15 EDT 2009
Author: timfox
Date: 2009-04-20 08:14:15 -0400 (Mon, 20 Apr 2009)
New Revision: 6492
Modified:
trunk/examples/jms/browser/server0/jbm-configuration.xml
trunk/examples/jms/browser/server0/jbm-queues.xml
trunk/examples/jms/security/readme.html
trunk/examples/jms/security/server0/jbm-queues.xml
Log:
updates to security example
Modified: trunk/examples/jms/browser/server0/jbm-configuration.xml
===================================================================
--- trunk/examples/jms/browser/server0/jbm-configuration.xml 2009-04-20 12:03:00 UTC (rev 6491)
+++ trunk/examples/jms/browser/server0/jbm-configuration.xml 2009-04-20 12:14:15 UTC (rev 6492)
@@ -23,7 +23,7 @@
<!-- Other config -->
<journal-min-files>2</journal-min-files>
-
+
</configuration>
</deployment>
Modified: trunk/examples/jms/browser/server0/jbm-queues.xml
===================================================================
--- trunk/examples/jms/browser/server0/jbm-queues.xml 2009-04-20 12:03:00 UTC (rev 6491)
+++ trunk/examples/jms/browser/server0/jbm-queues.xml 2009-04-20 12:14:15 UTC (rev 6492)
@@ -3,6 +3,7 @@
xsi:schemaLocation="urn:jboss:messaging ../schemas/jbm-queues.xsd ">
<!--security for example queue-->
+
<security match="jms.queue.exampleQueue">
<permission type="createDurableQueue" roles="guest"/>
<permission type="deleteDurableQueue" roles="guest"/>
Modified: trunk/examples/jms/security/readme.html
===================================================================
--- trunk/examples/jms/security/readme.html 2009-04-20 12:03:00 UTC (rev 6491)
+++ trunk/examples/jms/security/readme.html 2009-04-20 12:14:15 UTC (rev 6492)
@@ -11,8 +11,10 @@
<p>With security properly configured, JBoss Messaging can restrict client access to its resouces, including
connection creation, message sending/receiving, etc. This is done by configuring users and roles as well as permissions in
the configuration files. </p>
+ <p>For a full description of how to configure security with JBoss Messaging, please consult the user
+ manual.</p>
<p>In this example, two users jbm-sender and jbm-consumer are configured. User jbm-sender belongs to user role and sender role. User
- jbm-consumer belongs to user role and consumer role. They are configured in server0/jbm-security.xml, as below: </p>
+ jbm-consumer belongs to user role and consumer role. They are configured in server0/jbm-users.xml, as below: </p>
<pre>
<code>
@@ -35,7 +37,7 @@
<pre>
<code>
- <security match="jms.topic.exampleTopic">
+ <security match="jms.#">
<permission type="createDurableQueue" roles="user"/>
<permission type="deleteDurableQueue" roles="user"/>
<permission type="createTempQueue" roles="user"/>
@@ -46,12 +48,21 @@
</code>
</pre>
+ <p>Permissions can be defined on any group of queues, by using a wildcard. In the above example
+ we use the wildcard expression <code>match="jms.#"</code> to apply the permissions to all JMS
+ queues and topics. If you wanted different permissions for different queues and topics depending on their
+ name, you can easily create matching wildcards to do this. For more information on how to configure
+ security wild-cards please see the user manual.</p>
+
<p>As you can see, both users can access queue resources (role user). However, user jbm-sender (of role sender) can only send messages
and user jbm-consumer (of role consumer) can only consume messages. In this example the jbm-consumer tries to send message but failed
as it doesn't has the right to do so.</p>
<p>With JBoss Messaging, the security manager is configurable. You can use JAASSecurityManager or JBossASSecurityManager based on you need. Please
check out the jbm-standalone-beans.xml for how to do.</p>
+
+ <p>In this example we just use the basic JBMSecurityManagerImpl which reads users/roles/passwords from the xml
+ file <code>jbm-users.xml</code>.
<br>
<h2>Example step-by-step</h2>
Modified: trunk/examples/jms/security/server0/jbm-queues.xml
===================================================================
--- trunk/examples/jms/security/server0/jbm-queues.xml 2009-04-20 12:03:00 UTC (rev 6491)
+++ trunk/examples/jms/security/server0/jbm-queues.xml 2009-04-20 12:14:15 UTC (rev 6492)
@@ -2,8 +2,7 @@
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="urn:jboss:messaging ../schemas/jbm-queues.xsd ">
- <!--security for example topic-->
- <security match="jms.topic.#">
+ <security match="jms.#">
<permission type="createDurableQueue" roles="user"/>
<permission type="deleteDurableQueue" roles="user"/>
<permission type="createTempQueue" roles="user"/>
More information about the jboss-cvs-commits
mailing list