Maybe this will help :-) NO user entries in jbossmq-state.xml, but stored in a central database using JAAS DatabaseServerLoginModule
in ../conf/login-config.xml
<!-- JBossMQ Security Domain -->
<application-policy name = "jbossmq">
<!-- Lookup user/roles in security database -->
<authentication>
<login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule" flag = "required">
<module-option name = "unauthenticatedIdentity">JMS-Guest</module-option>
<module-option name = "dsJndiName">java:/SystemJaasDS</module-option>
<module-option name = "principalsQuery">SELECT password FROM principals WHERE principal_id=?</module-option>
<module-option name = "rolesQuery">SELECT role, 'Roles' FROM roles WHERE principal_id=? AND rolecontext='JMS-System'</module-option>
</login-module>
</authentication>
</application-policy>
<!-- JmsXA Resource Adapter Security Domain -->
<application-policy name = "JmsXARealm">
<!-- Lookup user/roles in security database -->
<authentication>
<login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule" flag = "required">
<module-option name = "unauthenticatedIdentity">JMS-Guest</module-option>
<module-option name = "dsJndiName">java:/SystemJaasDS</module-option>
<module-option name = "principalsQuery">SELECT password FROM principals WHERE principal_id=?</module-option>
<module-option name = "rolesQuery">SELECT role, 'Roles' FROM roles WHERE principal_id=? AND rolecontext='JMS-System'</module-option>
</login-module>
</authentication>
Ulf Schroeter
IT Entwicklung - Design & Research
MobilCom Communikationstechnik GmbH
Hollerstr. 126
24782 Buedelsdorf
Tel.: 04331- 69 37 43
Fax: 04331- 69 28 99
Besucheradresse: Wollinstr. 10
[EMAIL PROTECTED]
Gesendet von: [EMAIL PROTECTED] 29.08.2003 04:20
|
An: [EMAIL PROTECTED] Kopie: Thema: [JBoss-user] User authorization/authentication with JBossMQ |
I was wondering why the user authorization/authentication with JBossMQ was configured through this jbossmq-state.xml file (In JBoss 3.0.5) and not through a more standard JAAS security domain?
Another way to ask the question is: can I use the JBossSX login modules (like the LdapLoginModule) for the JBossMQ authentication/authorization instead of having all the user and roles defined in the jbossmq-state.xml? If yes, any pointers will be appreciated.
Thanks.
Thomas Cherel