[ https://issues.apache.org/jira/browse/OFBIZ-4453?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13117143#comment-13117143 ]
Martin Kreidenweis commented on OFBIZ-4453: ------------------------------------------- I'd like to make two remarks: I think the JMS connection should be reused. Currently the JMSServiceEngine does a new lookup and creates a new connection for every service call. This is not particularly performant. Security is an issue: sending the serialized userLogin entity provides no security at all. So anybody with access to the JMS Topic can run any service on an OFBiz instance currently. There probably is no easy way to fix this, but people need to know about it. Maybe this is no OFBiz issue at all but an operations issue: the messaging server and connections have to be secured properly. > Refactoring JMS Handling > ------------------------ > > Key: OFBIZ-4453 > URL: https://issues.apache.org/jira/browse/OFBIZ-4453 > Project: OFBiz > Issue Type: Improvement > Components: framework > Reporter: Dimitri Unruh > > This is the main ticket for the JMS refactoring tasks. > I would like to start here some concept discussion ant the create sub-tasks... -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira