Security problem with own login-config
hergaty Jun 3, 2003 12:14 PMHello,
I try to set the login-config for "jbossmq" to the same, that I use for my EJBs. I changed the login-config.xml to this:
<application-policy name = "jbossmq">
<login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
<module-option name="dsJndiName">java:/MySqlDS</module-option>
<module-option name="principalsQuery">SELECT password FROM user_User WHERE login=? AND active=1</module-option>
<module-option name="rolesQuery">SELECT ur.name, 'Roles' FROM user_User u LEFT JOIN user_UserRole ur ON u.id = ur.fk_user WHERE u.login=?</module-option>
<module-option name="unauthenticatedIdentity">guest</module-option>
</login-module>
</application-policy>
The queue is defined by this:
<depends optional-attribute-name="DestinationManager">jboss.mq:service=DestinationManager
<depends optional-attribute-name="SecurityManager">jboss.mq:service=SecurityManager
The MDB itself has the following xdoclet tags:
/**
* @ejb.bean
* type="MDB"
* name="InfoMessageListener"
* accnowledge-mode="AUTO_ACKNOWLEDGE"
* destination-type="javax.jms.Queue"
* @jboss.destination-jndi-name
* name="queue/info/receiver"
*
* @ejb.security-identity
* run-as="Internal"
*/
Although the roles "Internal" and "guest" are allowed to do anything with the queue, I get this Exception all the time:
Message: JMS provider failure detected:
Location: org.jboss.ejb.plugins.jms.JMSContainerInvoker$ExceptionListenerImpl.onException(JMSContainerInvoker.java:1033)
Thrown:
javax.jms.JMSSecurityException: Connection not authorized to subscribe to destination: info/receiver
at org.jboss.mq.security.ServerSecurityInterceptor.subscribe(ServerSecurityInterceptor.java:148)
at org.jboss.mq.server.TracingInterceptor.subscribe(TracingInterceptor.java:677)
at org.jboss.mq.server.JMSServerInvoker.subscribe(JMSServerInvoker.java:298)
at org.jboss.mq.il.jvm.JVMServerIL.subscribe(JVMServerIL.java:315)
at org.jboss.mq.Connection.addConsumer(Connection.java:1082)
at org.jboss.mq.SpyConnectionConsumer.(SpyConnectionConsumer.java:73)
at org.jboss.mq.SpyConnection.createConnectionConsumer(SpyConnection.java:113)
at org.jboss.ejb.plugins.jms.JMSContainerInvoker.innerCreate(JMSContainerInvoker.java:536)
at org.jboss.ejb.plugins.jms.JMSContainerInvoker.startService(JMSContainerInvoker.java:553)
at org.jboss.ejb.plugins.jms.JMSContainerInvoker$ExceptionListenerImpl.onException(JMSContainerInvoker.java:1053)
at org.jboss.ejb.plugins.jms.JMSContainerInvoker$1.run(JMSContainerInvoker.java:565)