Return-Path: X-Original-To: apmail-camel-users-archive@www.apache.org Delivered-To: apmail-camel-users-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 9686910897 for ; Wed, 3 Jul 2013 12:57:19 +0000 (UTC) Received: (qmail 96895 invoked by uid 500); 3 Jul 2013 12:57:18 -0000 Delivered-To: apmail-camel-users-archive@camel.apache.org Received: (qmail 96671 invoked by uid 500); 3 Jul 2013 12:57:18 -0000 Mailing-List: contact users-help@camel.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: users@camel.apache.org Delivered-To: mailing list users@camel.apache.org Received: (qmail 96663 invoked by uid 99); 3 Jul 2013 12:57:16 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 03 Jul 2013 12:57:16 +0000 X-ASF-Spam-Status: No, hits=2.0 required=5.0 tests=SPF_NEUTRAL,URI_HEX X-Spam-Check-By: apache.org Received-SPF: error (athena.apache.org: encountered temporary error during SPF processing of domain of gerald.quintana@gmail.com) Received: from [216.139.236.26] (HELO sam.nabble.com) (216.139.236.26) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 03 Jul 2013 12:57:12 +0000 Received: from [192.168.236.26] (helo=sam.nabble.com) by sam.nabble.com with esmtp (Exim 4.72) (envelope-from ) id 1UuMbn-0004JY-SV for users@camel.apache.org; Wed, 03 Jul 2013 05:56:31 -0700 Date: Wed, 3 Jul 2013 05:56:31 -0700 (PDT) From: gquintana To: users@camel.apache.org Message-ID: <1372856191876-5735149.post@n5.nabble.com> In-Reply-To: <1372811685745-5735108.post@n5.nabble.com> References: <1372811685745-5735108.post@n5.nabble.com> Subject: Re: Weblogic JMS Security Issues - A possible resolution MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org Hi, I struggled against this one as well (I am happy not to be alone!), it's more related to WebLogic and Spring's DefaultMessageListenerContainer than Camel. My understanding is that, in WebLogic, the security context (who is sending/receiving messages) is bound to the thread getting the ConnectionFactory, instead of being bound to the Connection/Session object itself. With Spring DMLC, the thread getting the connection factory is not the thread sending/receiving messages, as a result we are loosing user rights between threads. I ended up with a solution based a decoratorconnectionfactory (see honeybunny post http://forum.springsource.org/showthread.php?62373-weblogic-10-standalone-jms-client ) and disabling all connection caching: each thread gets his own connectionfactory. It's a catastrophe from a performance point of view because the connectionfactory/connection can not be cached and shared between listener threads, but it works. Your Github article is very interesting (thanks for sharing), I ignored these Security/Authenticate WebLogic classes. I need to test the behaviour of the new SJMS component (not based on Spring DMLC) and see if it's better. We could put up WeblogicMQ specific component (based on JMS or SJMS) do solve this problem. I advise you to read these blogs in case you didn't http://www.jayway.com/2011/06/26/secure-jms-spring-and-weblogic-a-one-click-workaround/ http://sleeplessinslc.blogspot.fr/2009/04/weblogic-jms-standalone-multi-threaded.html Another challenge I had to face was receiving JMS message from one broker, processing it, and then sending it to another broker. I had to introduce a Thread EIP in the middle just to lose this damned thread bound security context (user are different on both ends). -- View this message in context: http://camel.465427.n5.nabble.com/Weblogic-JMS-Security-Issues-A-possible-resolution-tp5735108p5735149.html Sent from the Camel - Users mailing list archive at Nabble.com.