geronimo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Jencks <david_jen...@yahoo.com>
Subject Re: Securing An Embedded ActiveMQ Resource Adapter
Date Fri, 28 Aug 2009 21:53:31 GMT

On Aug 28, 2009, at 2:45 PM, Joe Dente wrote:

> Hi,
> How do you configure the security of JMS queues and topics running  
> in Geronimo?
> I have a couple queues and one topic that are already functioning  
> and deployed using the deployment descriptor of a resource adapter  
> that describes the queues, topics and my connection factory. I need  
> to modify my resource adapter so that these queues and topics  
> require valid credentials to access (eventually I also need to use  
> SSL when communicating with these queues and topics).  ActiveMQ’s  
> site has a lot of information on securing ActiveMQ as a standalone  
> broker. However, I cannot find any information on configuring its  
> security when it is embedded within Geronimo. The only security  
> configurations I can find in the documentation are the “<config- 
> property-setting name=”UserName”>” and “<config-property-setting  
> name=”Password”>” that can be optionally specified on your  
> resourceadapter-instance element. These settings do not seem to have  
> any effect on my connections. The other security-related setting is  
> the “<credential-interface>” element, which is commented out in  
> every example I’ve seen and was also mentioned to be deprecated in a  
> forum I read.
> Does anybody have any experience with Geronimo’s JMS security?

The only security settings on the resource adapter are user name and  
password.  These let you set up a connection to an activemq broker.   
Everything else needs to be configured in the broker.

I don't know if you can configure any security in an embedded broker  
in geronimo 2.1.x using the gbean wrappers for activemq components.   
In 2.2 you should be able to configure security using the normal  
server.xml activemq configuration.  Alternatively you could use an  
external activemq instance for 2.1.x.

hope this helps
david jencks

> Thanks,
> Joe


Mime
View raw message