[jboss-jira] [JBoss JIRA] (AS7-3150) Security for HornetQ

Ed Keen (JIRA) jira-events at lists.jboss.org
Fri Feb 10 10:26:48 EST 2012 

    [ https://issues.jboss.org/browse/AS7-3150?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12665670#comment-12665670 ] 

Ed Keen commented on AS7-3150:
------------------------------

@Justin, I have added the following security domain to the security subsystem:

{code}
<security-domain name="messaging" cache-type="default">
  <authentication>
    <login-module code="UsersRoles" flag="required">
      <module-option name="usersProperties" value="${jboss.server.config.dir}/messaging-users.properties"/>
      <module-option name="rolesProperties" value="${jboss.server.config.dir}/messaging-roles.properties"/>
    </login-module>
  </authentication>
</security-domain>

{code}

My messaging-users.properties file just has a user=password format, and my messaging-roles.properties file has a user=role format.  

I also added the following security section in my messaging subsystem:

{code}
<security-settings>
  <security-setting match="jms.queue.cbs.#">
    <permission type="send" roles="cbsuser"/>
    <permission type="consume" roles="cbsuser"/>
    <permission type="createNonDurableQueue" roles="cbsuser"/>
    <permission type="deleteNonDurableQueue" roles="cbsuser"/>
  </security-setting>
</security-settings>
{code}

When I create my JMS connection, I pass a username & password, like this:

{code}
Connection conn = factory.createConnection("user1", "password");
{code}

However, I am getting the following error:  javax.jms.JMSSecurityException: Unable to validate user: user1

Is there a step that I am missing in the process?  I know that for the application-users and mgmt-users, you have to call the add-user.bat file in order to add the user.  Do we have to do that here as well?

Any help you can offer would be greatly appreciated.

Thanks,
Ed



                
> Security for HornetQ
> --------------------
>
>                 Key: AS7-3150
>                 URL: https://issues.jboss.org/browse/AS7-3150
>             Project: Application Server 7
>          Issue Type: Bug
>          Components: JMS
>    Affects Versions: 7.1.0.CR1b
>            Reporter: David White
>            Assignee: Justin Bertram
>            Priority: Blocker
>             Fix For: 7.1.0.Final
>
>
> Can't find a way to require auth for a JMS connection
> http://lists.jboss.org/pipermail/jboss-as7-dev/2011-October/004057.html
> suggests there is a bug of omission (perhaps just in the documentation).
> Having searched for days, I can't find a solution, hence this bug report.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list