[jboss-jira] [JBoss JIRA] (AS7-3150) Security for HornetQ
Ed Keen (JIRA)
jira-events at lists.jboss.org
Fri Feb 10 10:26:48 EST 2012
[ https://issues.jboss.org/browse/AS7-3150?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12665670#comment-12665670 ]
Ed Keen commented on AS7-3150:
------------------------------
@Justin, I have added the following security domain to the security subsystem:
{code}
<security-domain name="messaging" cache-type="default">
<authentication>
<login-module code="UsersRoles" flag="required">
<module-option name="usersProperties" value="${jboss.server.config.dir}/messaging-users.properties"/>
<module-option name="rolesProperties" value="${jboss.server.config.dir}/messaging-roles.properties"/>
</login-module>
</authentication>
</security-domain>
{code}
My messaging-users.properties file just has a user=password format, and my messaging-roles.properties file has a user=role format.
I also added the following security section in my messaging subsystem:
{code}
<security-settings>
<security-setting match="jms.queue.cbs.#">
<permission type="send" roles="cbsuser"/>
<permission type="consume" roles="cbsuser"/>
<permission type="createNonDurableQueue" roles="cbsuser"/>
<permission type="deleteNonDurableQueue" roles="cbsuser"/>
</security-setting>
</security-settings>
{code}
When I create my JMS connection, I pass a username & password, like this:
{code}
Connection conn = factory.createConnection("user1", "password");
{code}
However, I am getting the following error: javax.jms.JMSSecurityException: Unable to validate user: user1
Is there a step that I am missing in the process? I know that for the application-users and mgmt-users, you have to call the add-user.bat file in order to add the user. Do we have to do that here as well?
Any help you can offer would be greatly appreciated.
Thanks,
Ed
> Security for HornetQ
> --------------------
>
> Key: AS7-3150
> URL: https://issues.jboss.org/browse/AS7-3150
> Project: Application Server 7
> Issue Type: Bug
> Components: JMS
> Affects Versions: 7.1.0.CR1b
> Reporter: David White
> Assignee: Justin Bertram
> Priority: Blocker
> Fix For: 7.1.0.Final
>
>
> Can't find a way to require auth for a JMS connection
> http://lists.jboss.org/pipermail/jboss-as7-dev/2011-October/004057.html
> suggests there is a bug of omission (perhaps just in the documentation).
> Having searched for days, I can't find a solution, hence this bug report.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list