We need to decide how security will work with regard to creating queues at a core level and also how this links to when(and how) we should throw InvalidDestination at a JMS level. This is how i think all his should hang together: When a client interacts with a destination at a session level we check to see if they have the CREATE role. This would be a method, probably in MessagingServer, called boolean CheckDestinationSecurity(Destination dest, ServerSessionEndpoint) that would create the destination if it didn't exist and if the client had the correct privileges. If the destination wasn't created then the appropriate return flag would be returned to the user. This would be converted into an InvalidDestination exception on the client side at the JMS level. comments! View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4126081#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...