Hello *, I've a message driven bean subscribed to a queue. The queue is created with the following xxx-service.xml:<?xml version="1.0" encoding="UTF-8"?> | | <server> | <mbean code="org.jboss.mq.security.SecurityManager" name="jboss.mq:service=MyMQSecurityManager"> | <attribute name="DefaultSecurityConfig"> | <security> | <role name="_LocalQueueWriter_" read="false" write="true"/> | <role name="_LocalQueueReader_" read="true" write="false"/> | </security> | </attribute> | <attribute name="SecurityDomain">java:/jaas/ipanemaLocal</attribute> | <depends optional-attribute-name="NextInterceptor">jboss.mq:service=DestinationManager</depends> | </mbean> | | <mbean code="org.jboss.mq.server.jmx.Queue" | name="jboss.mq.destination:service=Queue,name=my/Queue"> | <depends optional-attribute-name="DestinationManager">jboss.mq:service=DestinationManager</depends> | <depends optional-attribute-name="SecurityManager">jboss.mq:service=MyMQSecurityManager</depends> | <attribute name="SecurityManager">jboss.mq:service=MyMQSecurityManager</attribute> | <attribute name="RedeliveryDelay">10000</attribute> | <attribute name="RedeliveryLimit">3</attribute> | </mbean> | </server>
The MDB has security domain, user and password defined in the jboss.xml (excerpt):... | <container-configuration> | <container-name>Standard Message Driven Bean</container-name> | <role-mapping-manager>java:/jaas/session-roles</role-mapping-manager> | <security-domain>java:/jaas/ipanemaLocal</security-domain> | </container-configuration> | ... | <message-driven> | <ejb-name>my/mdb/MyListener</ejb-name> | <destination-jndi-name>queue/my/Queue</destination-jndi-name> | <mdb-user>_LocalQueueReader_</mdb-user> | <mdb-passwd>test</mdb-passwd> | </message-driven> | ... | It all works fine, if I allow "guest" to read and don't define an user for the mdb, but with the above configuration, the authentication fails. What is really strange is that it doesn't even trigger the login method of my custom LoginModule (which works fine when writing into the queue). Here's an excerpt of my jboss server log:18:23:12,561 INFO [JMSContainerInvoker] Reconnected to JMS provider | 18:23:12,562 WARN [JMSContainerInvoker] JMS provider failure detected: | javax.jms.JMSSecurityException: User: _LocalQueueReader_ is NOT authenticated | at org.jboss.mq.security.SecurityManager.authenticate(SecurityManager.java:215) | at org.jboss.mq.security.ServerSecurityInterceptor.authenticate(ServerSecurityInterceptor.java:51) | at org.jboss.mq.server.TracingInterceptor.authenticate(TracingInterceptor.java:781) | at org.jboss.mq.server.JMSServerInvoker.authenticate(JMSServerInvoker.java:287) | at org.jboss.mq.il.jvm.JVMServerIL.authenticate(JVMServerIL.java:301) | at org.jboss.mq.Connection.authenticate(Connection.java:1160) | at org.jboss.mq.Connection.<init>(Connection.java:255) | at org.jboss.mq.SpyConnection.<init>(SpyConnection.java:55) | at org.jboss.mq.SpyXAConnection.<init>(SpyXAConnection.java:52) | at org.jboss.mq.SpyXAConnectionFactory.createXAConnection(SpyXAConnectionFactory.java:98) | at org.jboss.mq.SpyXAConnectionFactory.createXAQueueConnection(SpyXAConnectionFactory.java:119) | at org.jboss.jms.ConnectionFactoryHelper.createQueueConnection(ConnectionFactoryHelper.java:67) | at org.jboss.ejb.plugins.jms.JMSContainerInvoker.innerCreate(JMSContainerInvoker.java:690) | at org.jboss.ejb.plugins.jms.JMSContainerInvoker.startService(JMSContainerInvoker.java:764) | at org.jboss.ejb.plugins.jms.JMSContainerInvoker$ExceptionListenerImpl.onException(JMSContainerInvoker.java:1267) | at org.jboss.ejb.plugins.jms.JMSContainerInvoker$1.run(JMSContainerInvoker.java:776) What am I doing wrong? Any ideas? Because my login module is not triggered, I assume that I have to define the security domain in a different way than I do for my session beans. But if so, how? Thanks a lot for your help in advance! Marco ;-) View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3871912#3871912 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3871912 ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click _______________________________________________ JBoss-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/jboss-user
