anonymous wrote : First: createProducer doesn't do any security checks, as there is
nothing being created on Server for a producer, but shouldn't we do a round-trip just
to validate security?
I don't think so, firstly the producer may be anonymous and since the checks are done
by address you couldn't do it anyway. secondly, If you did do security checks there
would be no point in checking on send. Lastly,
anonymous wrote : Say you are sending messages (Asynchronously), and you don't have
sending permissions... (or you lost permissions after the createProducer). The serverSide
will ignore the sends and will only log those errors.
I think thats ok, as long as its logged and if the user wants they can send blocking.
anonymous wrote : Shouldn't we save exceptions on Async operations, so the next time a
Sync operation come (commit, prepare, close) we throw the pending exceptions?
i'm not sure that is a good idea. what if the next sync call was creating a consumer,
it wouldn't make sense to throw an exception for a previous send. We probably should
mark a tx as rollback only tho', which I'm not sure we do.
View the original post :
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4222230#...
Reply to the post :
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&a...