Hi all, I'm currently setting up a JBoss system for some developers and they need access to JNDI to allow them to browse and manipulate message queues. I've got JBoss bound to the external IP of the box but before opening the firewall for the JNDI access I'd like to at least force some security. My searching led me to http://sourceforge.net/docman/display_doc.php?docid=20143&group_id=22866 which states "The JNDI naming service is not secured by default and allows access to the JBoss JNDI tree on port 1099. You can change the port and interface which the naming service is bound on, as well as add role based security using a custom XMBean configuration." I searched more and found a post at http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3823726#... pointing me to http://www.jboss.org/community/wiki/XMBeansforSecurity. I've begun to follow the XMBeans as per that wiki article but am stuck. I don't know where to do this step: "Now you need to configure the NamingService to use the detached invoker framework to expose an org.jnp.interfaces.Naming interface proxy to JNDI clients in order to have the jndi lookups routed to the NamingService.invoke method. The following 3.2.6+ confg/jboss-service.xml fragement illustrates this for the RMI/JRMP detached invoker:" Additionally, the references are all for 3.x and 4.x not 5.1. So, as I'm just a lowly sysadmin does anyone have any advise on how to secure my JNDI access with roles-based security? Have a missed something super obvious? Or is there a better way than this? Another way, perhaps? Thanks! August View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4250772#... Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&a...