[jboss-user] [JBoss Messaging] - MDB Security Vs JBM Security
do-not-reply at jboss.com
Tue Mar 11 07:33:26 EDT 2008
I have a situation - I got an MDB that needs by passing the secured JMS Server.
That is, I have a secured JBM using DatabaseLoginModule.
The login-config.xml's messaging domain reflects use of this module.
The messaging-service.xml is updated to add the DefaultSecurityConfig.
Now, I want the external clients to get authenticated and authorised while my MDB should by pass.
So, I've added unauthenticatedIdentity as 'guest' to the 'messaging' applicaiton policy in login-config.xml
I've added the relevant security-identity and security-role to the ejb-jar.xml.
I've also added security-domain to the jboss.xml - I've pointed to java:jaas/messaging (tried with 'other' too). Iv'e added the security-domain to the container configuraiton too.
Inspite of doign this, when I deploy my MDB it complains saying the user null is not authenticated.
I'll appreciate if someone thorws a bit of light on this issue.
(My understanding is that MDB uses the DefaultJMSProvider which inturns uses the default (XA)ConnectionFactory which I think uses the 'messaging' applicaiton policy - right or wrong?)
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4135578#4135578
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4135578
More information about the jboss-user