I made some progress and added the mdbuser / mdbpassword in the jboss.xml file
<message-driven>
<ejb-name>JobRequestListener</ejb-name>
<destination-jndi-name>queue/abc/JobRequests</destination-jndi-name>
<mdb-user>jmsuser</mdb-user>
<mdb-passwd>password</mdb-passwd>
So now I am able to receive messages in my MDB. However any injected resources also need to be authenticated. This is not very nice as I have to include the password in the deployment descriptor as well as the application itself. I am hoping that there is an elegant way of granting the entire EAR application access to read and write to JMS destination and to be able to specify the user credentials outside the application and reference a security policy.
Thanks for your help.
Alex