On Mon February 1 2010 4:55:27 pm johnpfeifer4 wrote: > I've done some digging... I'm going to need the username and password to > validate against our spring security authentication provider. > > I'm thinking that I could configure the interceptor to look for user/pass > in JMS Headers or in a single header (in the case of Basic Auth). I'll > have to dig around a bit more and let you know what I find.
Yea. If you need that, then the JMSXUserID wouldn't be appropriate. In that case, you would call mesage.get(Message.PROTOCOL_HEADERS) and get the header out of there. Dan > > Thanks, > > John > > Andreas Veithen-2 wrote: > > Isn't the JMSXUserID set to the user who connected to the broker? > > Since John's use case is a HTTP->JMS bridge with HTTP Basic Auth, I > > would be surprised that the connection to the broker is opened using > > the credentials of the user who submitted the HTTP request. > > > > Andreas > > > > On Mon, Feb 1, 2010 at 21:16, Daniel Kulp <[email protected]> wrote: > >> Christian recently did some updates to the JMS transport to pull the > >> JMSXUserID from the JMS Message and stick that into our SecurityContext. > >> You > >> would probably need an interceptor that would then take that and feed > >> that > >> into the Spring security context. If you do develop some > >> interceptors for > >> this, we'd love to have them. :-) > >> > >> Dan > >> > >> On Mon February 1 2010 1:51:44 pm johnpfeifer4 wrote: > >>> I was wondering if anyone has an example of implement spring security > >>> with > >>> a CXF JMS Endpoint. We currently secure all of our endpoints with the > >>> <security:http> element, limiting access to certain endpoints to a > >>> particular role(s). > >>> > >>> Now we have a requirement to enforce security for JMS endpoints. It > >>> seems > >>> that the listener that picks it off the JMS queue would have to know > >>> where > >>> to find the credentials on the message. Perhaps we need to write our > >>> own > >>> interceptors to do this? > >>> > >>> I figured I would post here before I start my own investigation. Any > >>> help > >>> would be greatly appreciated. > >>> > >>> Thanks, > >>> > >>> John > >> > >> -- > >> Daniel Kulp > >> [email protected] > >> http://www.dankulp.com/blog > -- Daniel Kulp [email protected] http://www.dankulp.com/blog
