[jboss-dev-forums] [Design of Messaging on JBoss (Messaging/JBoss)] - Re: Permissions on temporary destinations (JBMESSAGING-994)
thomasra
do-not-reply at jboss.com
Wed Jun 20 06:29:05 EDT 2007
Just a brief question: if, as you say, you handle the issue of protecting a temp destination from being consumed by anyone other than the original connection _outside_ any security code, then why bother using it when you _are_ within the same connection?
Couldn't the temp destination include metadata describing the original connectionid/sessionid, and just check that consumers belong to the same id? No other checks need to be made, and no more configuration needs to be extended on the connectionfactory?
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4055954#4055954
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4055954
More information about the jboss-dev-forums
mailing list