camel-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From gquintana <>
Subject Re: Weblogic JMS Security Issues - A possible resolution
Date Wed, 03 Jul 2013 12:56:31 GMT

I struggled against this one as well (I am happy not to be alone!), it's
more related to WebLogic and Spring's DefaultMessageListenerContainer than
Camel. My understanding is that, in WebLogic, the security context (who is
sending/receiving messages) is bound to the thread getting the
ConnectionFactory, instead of being bound to the Connection/Session object
itself. With Spring DMLC, the thread getting the connection factory is not
the thread sending/receiving messages, as a result we are loosing user
rights between threads. I ended up with a solution based a
decoratorconnectionfactory (see honeybunny post
) and disabling all connection caching: each thread gets his own
connectionfactory. It's a catastrophe from a performance point of view
because the connectionfactory/connection can not be cached and shared
between listener threads, but it works.

Your Github article is very interesting (thanks for sharing), I ignored
these Security/Authenticate WebLogic classes.

I need to test the behaviour of the new SJMS component (not based on Spring
DMLC) and see if it's better. We could put up WeblogicMQ specific component
(based on JMS or SJMS) do solve this problem.

I advise you to read these blogs in case you didn't

Another challenge I had to face was receiving JMS message from one broker,
processing it, and then sending it to another broker. I had to introduce a
Thread EIP in the middle just to lose this damned thread bound security
context (user are different on both ends).

View this message in context:
Sent from the Camel - Users mailing list archive at

View raw message