[jboss-user] [JBoss Messaging] - Re: Secure Queue implementation in JBoss 4.0.2.GA

mskonda do-not-reply at jboss.com
Tue Jan 22 03:50:10 EST 2008 

You can secure your destinations (topics/queues) either individually or on a global basis. 

Individual security:
Add the 'SecurityConfig' attribute with appropriate role access as shown below to the individual destination configuration:

  | <mbean code="org.jboss.jms.server.destination.TopicService"
  |          name="jboss.messaging.destination:service=Topic,name=mySecuredTopic"
  |          xmbean-dd="xmdesc/Topic-xmbean.xml">
  |     <depends optional-attribute-name="ServerPeer">jboss.messaging:service=ServerPeer</depends>
  | 	<depends>jboss.messaging:service=PostOffice</depends>
  | 
  | <attribute name="SecurityConfig">
  |  <security>
  |    <role name="jms_sub" read="true" write="false" create="false"/>
  |    <role name="jms_pub" read="false" write="true" create="false"/>
  |    <role name="jms_pubsub" read="true" write="true" create="false"/>
  |    <role name="jms_dursub" read="true" write="false" create="true"/>
  |    <role name="jms_admin" read="true" write="true" create="true"/>
  |  </security>    
  | </attribute>
  | </mbean>
  | 

Of course, thsoe roles should be defined in your data store.

On a global basis, edit the deploy/jboss-messaging.sar/messaging-service.xml and add the 'DefaultSecurityConfig' block:


  | <attribute name="DefaultSecurityConfig">
  |   <security>
  |     <role name="jms_sub" read="true" write="false" create="false"/>
  |     <role name="jms_pub" read="false" write="true" create="false"/>
  |     <role name="jms_pubsub" read="true" write="true" create="false"/>
  |     <role name="jms_dursub" read="true" write="false" create="true"/>
  |     <role name="jms_admin" read="true" write="true" create="true"/>
  |    </security>
  | </attribute>
  | 

There's a detailed explanation on the user manual here.
http://labs.jboss.com/file-access/default/members/jbossmessaging/freezone/docs/userguide-1.4.0.SP3/html/configuration.html#conf.destination.queue.attributes.security

/Madhu

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4122080#4122080

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4122080

More information about the jboss-user mailing list