[ 
https://issues.apache.org/jira/browse/OFBIZ-4453?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13117143#comment-13117143
 ] 

Martin Kreidenweis commented on OFBIZ-4453:
-------------------------------------------

I'd like to make two remarks:

I think the JMS connection should be reused. Currently the JMSServiceEngine 
does a new lookup and creates a new connection for every service call. This is 
not particularly performant.  

Security is an issue: sending the serialized userLogin entity provides no 
security at all. So anybody with access to the JMS Topic can run any service on 
an OFBiz instance currently. There probably is no easy way to fix this, but 
people need to know about it. Maybe this is no OFBiz issue at all but an 
operations issue: the messaging server and connections have to be secured 
properly. 
                
> Refactoring JMS Handling
> ------------------------
>
>                 Key: OFBIZ-4453
>                 URL: https://issues.apache.org/jira/browse/OFBIZ-4453
>             Project: OFBiz
>          Issue Type: Improvement
>          Components: framework
>            Reporter: Dimitri Unruh
>
> This is the main ticket for the JMS refactoring tasks.
> I would like to start here some concept discussion ant the create sub-tasks...

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: 
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Reply via email to