Migrating from JBM on 4.2.3 to JBM on 5.1.0, the SuckerPassword (i'm in a cluster) seems to be ignored? Even after specifying it, i still have the 10:32:04,199 WARN [JBossASSecurityMetadataStore] WARNING! POTENTIAL SECURITY RISK. | It has been detected that the MessageSucker component which sucks messages from one node to another has not had its password changed from the installation default. | Please see the JBoss Messaging user guide for instructions on how to do this. message. My messaging-service.xml does include <attribute name="SuckerPassword">toto954763</attribute>, and it worked fine on 4.2.3 View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4236936#... Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&a...