[jboss-cvs] JBoss Messaging SVN: r6492 - in trunk/examples/jms: security and 1 other directories.

jboss-cvs-commits at lists.jboss.org jboss-cvs-commits at lists.jboss.org
Mon Apr 20 08:14:15 EDT 2009 

Author: timfox
Date: 2009-04-20 08:14:15 -0400 (Mon, 20 Apr 2009)
New Revision: 6492

Modified:
   trunk/examples/jms/browser/server0/jbm-configuration.xml
   trunk/examples/jms/browser/server0/jbm-queues.xml
   trunk/examples/jms/security/readme.html
   trunk/examples/jms/security/server0/jbm-queues.xml
Log:
updates to security example

Modified: trunk/examples/jms/browser/server0/jbm-configuration.xml
===================================================================
--- trunk/examples/jms/browser/server0/jbm-configuration.xml	2009-04-20 12:03:00 UTC (rev 6491)
+++ trunk/examples/jms/browser/server0/jbm-configuration.xml	2009-04-20 12:14:15 UTC (rev 6492)
@@ -23,7 +23,7 @@
       <!-- Other config -->
 
       <journal-min-files>2</journal-min-files>
-
+      
    </configuration>
 
 </deployment>

Modified: trunk/examples/jms/browser/server0/jbm-queues.xml
===================================================================
--- trunk/examples/jms/browser/server0/jbm-queues.xml	2009-04-20 12:03:00 UTC (rev 6491)
+++ trunk/examples/jms/browser/server0/jbm-queues.xml	2009-04-20 12:14:15 UTC (rev 6492)
@@ -3,6 +3,7 @@
             xsi:schemaLocation="urn:jboss:messaging ../schemas/jbm-queues.xsd ">
 
    <!--security for example queue-->
+   
    <security match="jms.queue.exampleQueue">
       <permission type="createDurableQueue" roles="guest"/>
       <permission type="deleteDurableQueue" roles="guest"/>

Modified: trunk/examples/jms/security/readme.html
===================================================================
--- trunk/examples/jms/security/readme.html	2009-04-20 12:03:00 UTC (rev 6491)
+++ trunk/examples/jms/security/readme.html	2009-04-20 12:14:15 UTC (rev 6492)
@@ -11,8 +11,10 @@
      <p>With security properly configured, JBoss Messaging can restrict client access to its resouces, including 
      connection creation, message sending/receiving, etc. This is done by configuring users and roles as well as permissions in 
      the configuration files. </p>
+     <p>For a full description of how to configure security with JBoss Messaging, please consult the user
+     manual.</p>
      <p>In this example, two users jbm-sender and jbm-consumer are configured. User jbm-sender belongs to user role and sender role. User
-     jbm-consumer belongs to user role and consumer role. They are configured in server0/jbm-security.xml, as below: </p>
+     jbm-consumer belongs to user role and consumer role. They are configured in server0/jbm-users.xml, as below: </p>
      
      <pre>
      <code>
@@ -35,7 +37,7 @@
      
      <pre>
      <code>
-      &lt;security match=&quot;jms.topic.exampleTopic&quot;&gt;
+      &lt;security match=&quot;jms.#&quot;&gt;
          &lt;permission type=&quot;createDurableQueue&quot; roles=&quot;user&quot;/&gt;
          &lt;permission type=&quot;deleteDurableQueue&quot; roles=&quot;user&quot;/&gt;
          &lt;permission type=&quot;createTempQueue&quot; roles=&quot;user&quot;/&gt;
@@ -46,12 +48,21 @@
      </code>
      </pre>
      
+     <p>Permissions can be defined on any group of queues, by using a wildcard. In the above example
+     we use the wildcard expression <code>match="jms.#"</code> to apply the permissions to all JMS
+     queues and topics. If you wanted different permissions for different queues and topics depending on their
+     name, you can easily create matching wildcards to do this. For more information on how to configure
+     security wild-cards please see the user manual.</p>
+     
      <p>As you can see, both users can access queue resources (role user). However, user jbm-sender (of role sender) can only send messages 
      and user jbm-consumer (of role consumer) can only consume messages. In this example the jbm-consumer tries to send message but failed 
      as it doesn't has the right to do so.</p>
      
      <p>With JBoss Messaging, the security manager is configurable. You can use JAASSecurityManager or JBossASSecurityManager based on you need. Please
      check out the jbm-standalone-beans.xml for how to do.</p>
+     
+     <p>In this example we just use the basic JBMSecurityManagerImpl which reads users/roles/passwords from the xml
+     file <code>jbm-users.xml</code>.
 
      <br>
      <h2>Example step-by-step</h2>

Modified: trunk/examples/jms/security/server0/jbm-queues.xml
===================================================================
--- trunk/examples/jms/security/server0/jbm-queues.xml	2009-04-20 12:03:00 UTC (rev 6491)
+++ trunk/examples/jms/security/server0/jbm-queues.xml	2009-04-20 12:14:15 UTC (rev 6492)
@@ -2,8 +2,7 @@
             xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
             xsi:schemaLocation="urn:jboss:messaging ../schemas/jbm-queues.xsd ">
 
-   <!--security for example topic-->
-   <security match="jms.topic.#">
+   <security match="jms.#">
       <permission type="createDurableQueue" roles="user"/>
       <permission type="deleteDurableQueue" roles="user"/>
       <permission type="createTempQueue" roles="user"/>

More information about the jboss-cvs-commits mailing list