June 2007 - jboss-dev-forums - Jboss List Archives

[Design of Messaging on JBoss (Messaging/JBoss)] - Re: Permissions on temporary destinations (JBMESSAGING-994)

by timfox

"thomasra" wrote : Yes, it is outside the spec, but this is more a case of making something work as intended. It cannot be intended that the creator of a temp destination should have read access to _everything_ in order to be able to consume from the temp dest. Right, and that is why Sergey is adding security overrides on the connection factory as discussed, which will take effect for temp queues. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4055951#4055951 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4055951

18 years, 9 months

1
0
0 / 0

[Design of Messaging on JBoss (Messaging/JBoss)] - Re: Permissions on temporary destinations (JBMESSAGING-994)

by thomasra

Yes, it is outside the spec, but this is more a case of making something work as intended. It cannot be intended that the creator of a temp destination should have read access to _everything_ in order to be able to consume from the temp dest. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4055950#4055950 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4055950

18 years, 9 months

1
0
0 / 0

[Design of Messaging on JBoss (Messaging/JBoss)] - Re: Permissions on temporary destinations (JBMESSAGING-994)

by thomasra

Hm. But you are forgetting that in addition to what you are saying the user also needs roles defined for reading from everything, which isn't really that useful. Why allow something to be created that you yourself cannot access? It should be consistently one or the other. A temp destination created by a client cannot be consumed from unless that client has a read role on everything (since the temporary destination roles aren't covered by any specific security configuration property). View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4055948#4055948 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4055948

18 years, 9 months

1
0
0 / 0

[Design of JBossXB] - Re: Ignoring non-ignorable white space?

by alex.loubyansky＠jboss.com

I've added a test for the ObjectModelFactory to the IgnorableWhitespaceUnitTestCase. To make it pass you should set TrimTextContent to false (it can be set in the newRoot for all elements or in newChild per element): public Object newRoot(Object root, UnmarshallingContext ctx, String namespaceURI, String localName, Attributes attrs) | { | ctx.setTrimTextContent(false); | return new Top(); | } Does this work for everybody? View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4055940#4055940 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4055940

18 years, 9 months

1
0
0 / 0

[Design of Messaging on JBoss (Messaging/JBoss)] - Re: Permissions on temporary destinations (JBMESSAGING-994)

by timfox

"thomasra" wrote : To repeat a previous posting with precise wording from the spec: | | (4.4.3) | ...only their own connection is allowed to create MessageConsumers for them.... | | So basically using the same connectionfactory is not enough... | No, this is already implemented (long time ago), try creating a consumer on a temp destination you didn't create - you won't be able to. This is isn't configured using security. anonymous wrote : | ...and since the specification seems to ignore Producers but mentions "ReplyTo" as a common use case I would assume they mean that anyone can produce messages on a temp destination? Right. So, to clarify this: a) Only the creating connection of the temp queue can create a consumer on it. This has been implemented for ages, it's part of the JMS spec, and we wouldn't have got JMS 1.1 compliance in Sep 2005 without doing this. b) The JMS spec puts no restrictions on who can write (send messages to) a temp queue. Currently in our implementation temp queues are governed by the standard default destination security config. c) As has been suggeted, we *could* allow the creator of the temp queue to specify programmaticall additionaly security for the temp queue at creation time. I agree this may be useful but is a "nice to have". I also repeat my earlier question of what API they would use to specify this security? This would also be non JMS so it makes their code non portable. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4055931#4055931 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4055931

18 years, 9 months

1
0
0 / 0

[Design of Messaging on JBoss (Messaging/JBoss)] - Re: Permissions on temporary destinations (JBMESSAGING-994)

by thomasra

To repeat a previous posting with precise wording from the spec: (4.4.3) ...only their own connection is allowed to create MessageConsumers for them.... So basically using the same connectionfactory is not enough... ...and since the specification seems to ignore Producers but mentions "ReplyTo" as a common use case I would assume they mean that anyone can produce messages on a temp destination? View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4055906#4055906 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4055906

18 years, 9 months

1
0
0 / 0

[Design of JBoss/Tomcat Integration] - Re: Commons logging issues

by scott.stark＠jboss.org

http://jira.jboss.com/jira/browse/ASPATCH-234 illustrates the changes that are needed. All of the commons logging usage, including the jsp layer must use static references to logging in order to avoid improper reinitialization of the log in the context of the web app class loader and conflicting classes/configuration. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4055905#4055905 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4055905

18 years, 9 months

1
0
0 / 0

[Design of Messaging on JBoss (Messaging/JBoss)] - Re: Permissions on temporary destinations (JBMESSAGING-994)

by thomasra

There are many scenarios where this is applicable, basically it involves all blocking/synchronous request/response use cases where the calling party (the "client") is not configured to have a permanent destination for response. Using temp destinations allows an otherwise non-"connected" JMS client to receive responses only destined for itself (queries etc). I agree with sergey about temp destinations being more targeted to the actual case: a user that creates a temp destination should have full access to it, but then there is the question of that user granting further rights so someone else can actually use it (for replies etc). Regarding something more specific: the QueueRequestor/TopicRequestor classes already know which destination ("X") the client is communicating with, and creates an (for the client) unnamed ("Y") destination for replies. This use case could be much smarter and actually create a temp destination ("Y") which the client (and only the client) is allowed to read from, and the role which is allowed to read from "X" is granted the right to write to "Y"? View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4055900#4055900 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4055900

18 years, 9 months

1
0
0 / 0

[Design of JBoss Profiler] - About Kill -3 signal

by yimianshisan

You know the jboss profiler will sleep until you send a wake-up signal. The wake-up and stop signal can be sent by a kill -3 command on UNIX. I just want to know the reson for this, why I send kill -3 pid, the profiler will wake up. Why not kill -4. Whre the kill -3 signal are captured? In Jboss Inspector? or JVM? And If I want to pause the profiling,which signal should I send? Can anyone give me an answer , or the detail process of kill -3 signal. Thank you very much! View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4055882#4055882 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4055882

18 years, 9 months

1
0
0 / 0

[Design of JBoss jBPM] - Re: Problem deleting process instances

by david.lloyd＠jboss.com

Solved the problem. The process was being loaded "for update", which caused it to be re-saved after being deleted. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4055865#4055865 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4055865

18 years, 9 months

1
0
0 / 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-dev-forums June 2007