[JBoss-user] [Messaging, JMS & JBossMQ] - Re: Is there a way to prevent JBossMQ from using the jbossmq

jaikiran Wed, 28 Jun 2006 05:16:56 -0700

anonymous wrote : I wish to have multiple queues, each with its own 
security-domain.


Interesting. I think this is what you might have to do, in that case:

For configuring your queues, you use something like:

<mbean code="org.jboss.mq.server.jmx.Queue"
  |      name="jboss.mq.destination:service=Queue,name=testQueue">
  |     <depends 
optional-attribute-name="DestinationManager">jboss.mq:service=DestinationManager</depends>
  |     <depends 
optional-attribute-name="SecurityManager">jboss.mq:service=SecurityManager</depends>
  |     <attribute name="SecurityConf">
  |       <security>
  |         <role name="guest" read="true" write="true"/>
  |         <role name="publisher" read="true" write="true" create="false"/>
  |         <role name="noacc" read="false" write="false" create="false"/>
  |       </security>
  |     </attribute>
  |   </mbean>  

  In the above configuration, you will see the following attribute:
  
  <depends 
optional-attribute-name="SecurityManager">jboss.mq:service=SecurityManager</depends>
  |    

 The jboss.mq:service=SecurityManager  service is inturn configured in the 
jbossmq-service.xml file through:
  
  <mbean code="org.jboss.mq.security.SecurityManager" 
name="jboss.mq:service=SecurityManager">
  |       <attribute name="DefaultSecurityConfig">
  |         <security>
  |           <role name="guest" read="true" write="true" create="true"/>
  |         </security>
  |       </attribute>
  |       <attribute name="SecurityDomain">jbossmq</attribute>
  |       <depends 
optional-attribute-name="NextInterceptor">jboss.mq:service=DestinationManager</depends>
  |   </mbean>  

  For implementing your requirement, you might have to configure your own 
security managers and let them use 2 different security domains. Something like:
  
In  jbossmq-service.xml:
  
  
  <mbean code="org.jboss.mq.security.SecurityManager" 
name="myApp:service=SecurityManagerForQueue1">
  |         <attribute name="DefaultSecurityConfig">
  |           <security>
  |             <role name="guest" read="true" write="true" create="true"/>
  |           </security>
  |         </attribute>
  |         <attribute name="SecurityDomain">someSecurityDomain1</attribute>
  |         <depends 
optional-attribute-name="NextInterceptor">jboss.mq:service=DestinationManager</depends>
  |   </mbean>  

  <mbean code="org.jboss.mq.security.SecurityManager" 
name="myApp:service=SecurityManagerForQueue2">
  |           <attribute name="DefaultSecurityConfig">
  |             <security>
  |               <role name="guest" read="true" write="true" create="true"/>
  |             </security>
  |           </attribute>
  |           <attribute name="SecurityDomain">someSecurityDomain2</attribute>  
        <depends 
optional-attribute-name="NextInterceptor">jboss.mq:service=DestinationManager</depends>
  |   </mbean>  

  Then in the configuration of your queues(may be through 
jbossmq-destinations-service.xml file), you will use this security managers for 
the individual queues. Something like:
  
  <mbean code="org.jboss.mq.server.jmx.Queue"
  |      name="jboss.mq.destination:service=Queue,name=myQueue1">
  |       <depends 
optional-attribute-name="DestinationManager">jboss.mq:service=DestinationManager</depends>
  |       <depends 
optional-attribute-name="SecurityManager">myApp:service=SecurityManagerForQueue1</depends>
  |       <attribute name="SecurityConf">
  |         <security>
  |           <role name="guest" read="true" write="true"/>
  |           <role name="publisher" read="true" write="true" create="false"/>
  |           <role name="noacc" read="false" write="false" create="false"/>
  |         </security>
  |       </attribute>
  |   </mbean>  

  <mbean code="org.jboss.mq.server.jmx.Queue"
  |              name="jboss.mq.destination:service=Queue,name=myQueue2">
  |         <depends 
optional-attribute-name="DestinationManager">jboss.mq:service=DestinationManager</depends>
  |         <depends 
optional-attribute-name="SecurityManager">myApp:service=SecurityManagerForQueue2</depends>
  |         <attribute name="SecurityConf">
  |           <security>
  |             <role name="guest" read="true" write="true"/>
  |             <role name="publisher" read="true" write="true" create="false"/>
  |             <role name="noacc" read="false" write="false" create="false"/>
  |           </security>
  |         </attribute>
  |   </mbean>  

  Try it out.
  
  P.S.: I have never tried this before. This is just from what i understand 
about how the current configurations work.



View the original post : 
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3953980#3953980

Reply to the post : 
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3953980

Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
JBoss-user mailing list
JBoss-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/jboss-user

[JBoss-user] [Messaging, JMS & JBossMQ] - Re: Is there a way to prevent JBossMQ from using the jbossmq

Reply via email to