grosueugen [http://community.jboss.org/people/grosueugen] created the discussion
"Securing Queues fails when using JmsXA" To view the discussion, visit: http://community.jboss.org/message/576154#576154 -------------------------------------------------------------- Hello, I'm using JBoss 5.1.0.GA, jdk 1.6, on Linux. I need to use distributed transaction with JBoss Messaging, so I used JmsXA for the connection factory. I changed the DB for messaging, so I used Oracle DB. With the default security, I was able to send/consume messages to a Queue. I decided to add a user in the Oracle DB, and that user to have rights to send/receive messages from my Queue. So, I did the following: 1. create a new user in the Oracle DB: +INSERT INTO JBM_USER (USER_ID, PASSWD, CLIENTID) VALUES ('my-user', 'my-user-pwd', null); INSERT INTO JBM_ROLE (ROLE_ID, USER_ID) VALUES ('my-role', 'my-user'); + 2. in code, when obtaining a connection, I would use the username: "my-user", password: "my-user-pwd": +Connection connection = connectionFactory.createConnection("my-user", "my-user-pwd");+ 3. I created a new file for defining destinations, named, my-jms-service.xml, and put it in xxx/deploy/ + <?xml version="1.0" encoding="UTF-8"?>+ +<server> <mbean code="org.jboss.jms.server.destination.QueueService" name="orvaal.rtra.jms.destination:service=Queue,name=MyQueue" xmbean-dd="xmdesc/Queue-xmbean.xml"> <depends optional-attribute-name="ServerPeer">jboss.messaging:service=ServerPeer</depends> <depends>jboss.messaging:service=PostOffice</depends>+ + <attribute name="SecurityConfig"> <security> <role name="my-role" read="true" write="true"/> </security> </attribute>+ + </mbean> + +</server>+ 4. In xxx/conf/login-config.xml, I created a new <application-policy>: +<application-policy name="MyJmsXARealm"> <authentication> <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required"> <module-option name="dsJndiName">java:/jdbc/MyXAOracleDSJms</module-option> <module-option name="principalsQuery">SELECT PASSWD FROM JBM_USER WHERE USER_ID=?</module-option> <module-option name="rolesQuery">SELECT ROLE_ID, 'Roles' FROM JBM_ROLE WHERE USER_ID=?</module-option> </login-module> </authentication> </application-policy>+ +java:/jdbc/MyXAOracleDSJms+ is the JNDI name for the datasource configured for the Oracle DB used by JBoss Messaging 5. In xxx/deploy/messaging/jms-ds.xml, I edited the JmsXA to know of the created MyJmsXARealm: + + + <!-- JMS XA Resource adapter, use this to get transacted JMS in beans --> <tx-connection-factory> <jndi-name>JmsXA</jndi-name> <xa-transaction/> <rar-name>jms-ra.rar</rar-name> <connection-definition>org.jboss.resource.adapter.jms.JmsConnectionFactory</connection-definition> <config-property name="SessionDefaultType" type="java.lang.String">javax.jms.Topic</config-property> <config-property name="JmsProviderAdapterJNDI" type="java.lang.String">java:/DefaultJMSProvider</config-property> <max-pool-size>20</max-pool-size> <!-- COMMENTED THE INITIAL REALM <security-domain-and-application>JmsXARealm</security-domain-and-application> --> <security-domain-and-application>MyJmsXARealm</security-domain-and-application> <depends>jboss.messaging:service=ServerPeer</depends> </tx-connection-factory>+ The error is: 2010-12-15 15:27:53,374 ERROR [org.jboss.resource.adapter.jms.JmsSessionFactoryImpl] (http-127.0.0.1-8080-1) could not create session java.lang.SecurityException: Unauthenticated caller:null at org.jboss.security.integration.JBossSecuritySubjectFactory.createSubject(JBossSecuritySubjectFactory.java:92) at org.jboss.resource.connectionmanager.BaseConnectionManager2.getSubject(BaseConnectionManager2.java:687) at org.jboss.resource.connectionmanager.BaseConnectionManager2.allocateConnection(BaseConnectionManager2.java:495) at org.jboss.resource.connectionmanager.BaseConnectionManager2$ConnectionManagerProxy.allocateConnection(BaseConnectionManager2.java:941) at org.jboss.resource.adapter.jms.JmsSessionFactoryImpl.allocateConnection(JmsSessionFactoryImpl.java:395) at org.jboss.resource.adapter.jms.JmsSessionFactoryImpl.createSession(JmsSessionFactoryImpl.java:374) at MySLSB.addToMyQueue(MySLSB.java:103) Have I done something wrong? Thanks. -------------------------------------------------------------- Reply to this message by going to Community [http://community.jboss.org/message/576154#576154] Start a new discussion in JBoss Messaging at Community [http://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2042]
_______________________________________________ jboss-user mailing list [email protected] https://lists.jboss.org/mailman/listinfo/jboss-user
