[jboss-dev-forums] [Design of Messaging on JBoss (Messaging/JBoss)] - Security Configuration --- getting confused
gaohoward
do-not-reply at jboss.com
Tue Apr 28 06:06:50 EDT 2009
Hi, when working on the security example, I improved the configuration a little, adding some more stuff here. But I'm confused that the configuration seems not consistent with my result.
In the configuration I have 4 users bill, andrew, frank and sam, each has different roles
And I also configured 3 topics: genericTopic, news.europe.europeTopic and news.us.usTopic.
The security settings can be simply described in the following chart:
| Users | user | news-user | europe-user | us-user
| --------------------------------------------------------------------
| bill | X | | |
| andrew | X | | X |
| frank | X | X | | X
| sam | X | X | |
| --------------------------------------------------------------------
| Topics | | | |
| --------------------------------------------------------------------
| genericTopic | rw | rw | rw | rw
| europeTopic | | r | w |
| usTopic | | r | | w
| --------------------------------------------------------------------
|
| Note:
|
| r --- means the corresponding role can receive messages from the topic
| w --- means the corresponding role can send messages to the topic
|
|
But when I run the example to show the result, I got several 'Security Broken' cases, The output is:
|
| [java] User bill can send message: [hello-world-4] to topic: JBossTopic[genericTopic]
| [java] User bill can receive message: [hello-world-4] from topic: JBossTopic[genericTopic]
| [java] User andrew can send message: [hello-world-4] to topic: JBossTopic[genericTopic]
| [java] User andrew can receive message: [hello-world-4] from topic: JBossTopic[genericTopic]
| [java] User frank can send message: [hello-world-4] to topic: JBossTopic[genericTopic]
| [java] User frank can receive message: [hello-world-4] from topic: JBossTopic[genericTopic]
| [java] User sam can send message: [hello-world-4] to topic: JBossTopic[genericTopic]
| [java] User sam can receive message: [hello-world-4] from topic: JBossTopic[genericTopic]
| [java] User bill cannot create consumer on topic JBossTopic[news.europe.europeTopic]
| [java] User bill cannot send message [hello-world-3] to topic: JBossTopic[news.europe.europeTopic]
| [java] User andrew can send message [hello-world-2] to topic JBossTopic[news.europe.europeTopic]
| [java] Security setting is broken! User andrew can receive message [hello-world-2] from topic JBossTopic[news.europe.europeTopic]
| [java] Security setting is broken! User frank can send message [hello-world-1] to topic JBossTopic[news.europe.europeTopic]
| [java] User frank can receive message [hello-world-1] from topic JBossTopic[news.europe.europeTopic]
| [java] Security setting is broken! User sam can send message [hello-world-1] to topic JBossTopic[news.europe.europeTopic]
| [java] User sam can receive message [hello-world-1] from topic JBossTopic[news.europe.europeTopic]
| [java] User bill cannot create consumer on topic JBossTopic[news.us.usTopic]
| [java] User bill cannot send message [hello-world-3] to topic: JBossTopic[news.us.usTopic]
| [java] User andrew cannot send message [hello-world-3] to topic: JBossTopic[news.us.usTopic]
| [java] Security setting is broken! User andrew can receive message [hello-world-3] from topic JBossTopic[news.us.usTopic]
| [java] User frank can send message: [hello-world-4] to topic: JBossTopic[news.us.usTopic]
| [java] User frank can receive message: [hello-world-4] from topic: JBossTopic[news.us.usTopic]
| [java] Security setting is broken! User sam can send message [hello-world-1] to topic JBossTopic[news.us.usTopic]
| [java] User sam can receive message [hello-world-1] from topic JBossTopic[news.us.usTopic]
| [java] Java Result: 1
|
|
If you take one error from the above, for example:
| Security setting is broken! User andrew can receive message [hello-world-2] from topic J
| BossTopic[news.europe.europeTopic]
|
You can see user andrew can receive message from news.europe.europeTopic, which should not according to the chart.
What's wrong? Can anybody help? I really have no idea.
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4227228#4227228
Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4227228
More information about the jboss-dev-forums
mailing list