"aslak" wrote : When creating a Temporary destination on a clustered PostOffice,
  | the temp destination itself is clustered but..
  | 
  | Both nodes in the cluster fail adding a MessageSucker to the temp destination due to a SecurityException.
  | 
  | The node that received the message continues processing it like nothing happened.
  | 
  | 1.
  |   Shouldn't the MessageSucker inherit the connection's credentials,
  |   or bypass normal security altogether, being an internal service?
  | 

Bypassing normal security isn't really an option since this would allow an 
exploit to be done.

E.g. if we have a "createConnectionOverridingSecurity" command that's only used 
by message suckers, then someone could spoof the sucker and send the correct 
bytes down the wire corresponding to that command and get read access to any 
queue.

What I'm thinking of doing is having a built-in user called "sucker" (or 
whatever) which the message sucker uses to make connections.

The sysadmin can then change the password of sucker in order to secure the 
system.


View the original post : 
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4085477#4085477

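A toy model of the two designs weighed in the reply above, added here as an illustration; it is not code from the original post or from JBoss Messaging. The `Broker` class, queue names, roles, ACL and passwords are all constructed assumptions: the override command is reachable by anyone who can send it, while the built-in "sucker" account goes through the same authentication and authorization path as every other user.

```python
import hashlib
import hmac
import os


def _digest(password, salt):
    # Salted, slow hash so stored credentials are not plaintext.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class Broker:
    """Hypothetical broker; not the JBoss Messaging API."""

    def __init__(self, sucker_password):
        self.salt = os.urandom(16)
        self.users = {}  # user -> (password digest, roles)
        # Constructed ACL: queue -> roles allowed to read it.
        self.read_acl = {"orders": {"trader"}, "temp.q1": {"trader", "cluster"}}
        self.add_user("alice", "alice-pw", {"trader"})
        # The built-in account the message sucker connects as.
        self.add_user("sucker", sucker_password, {"cluster"})

    def add_user(self, name, password, roles):
        self.users[name] = (_digest(password, self.salt), set(roles))

    def set_password(self, name, password):
        # What the sysadmin does to secure the built-in account.
        self.users[name] = (_digest(password, self.salt), self.users[name][1])

    def connect_overriding_security(self, queue):
        # Rejected design: the command is the only "credential", so the
        # broker cannot tell a real sucker from any peer that sends it.
        return f"read:{queue}"

    def connect(self, user, password, queue):
        # Proposed design: the sucker authenticates like any other user.
        entry = self.users.get(user)
        supplied = _digest(password, self.salt)
        if entry is None or not hmac.compare_digest(entry[0], supplied):
            raise PermissionError("authentication failed")
        if not entry[1] & self.read_acl.get(queue, set()):
            raise PermissionError(f"{user} may not read {queue}")
        return f"read:{queue}"
```

Until `set_password` is called, the shipped default password is effectively public, so rotating it is the step that actually closes the hole.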