Reputation: 420
Can we setup JMS communication without username and password?
I am working in a jBoss environment and implemented JMS for enabling asynchronous communication between two modules. But for this I need to add the user by "add-user.sh" script. Then the user information gets saved in application-users.properties and application-roles.properties. Then I need to hardcode this username and password in the MessagePublisher class who will authenticate the user by the following block of code -
final static String INITIAL_CONTEXT_FACTORY = "org.jboss.naming.remote.client.InitialContextFactory";
Context context=null;
final Properties env = new Properties();
env.put(Context.INITIAL_CONTEXT_FACTORY, INITIAL_CONTEXT_FACTORY);
env.put(Context.PROVIDER_URL, System.getProperty(Context.PROVIDER_URL, PROVIDER_URL));
env.put(Context.SECURITY_PRINCIPAL, System.getProperty("username", "abcd"));
env.put(Context.SECURITY_CREDENTIALS, System.getProperty("password", "xyz"));
context = new InitialContext(env);
But I just want to bypass this step of username and password. I know in ActiveMQ it is possible by setting <simpleAuthenticationPlugin anonymousAccessAllowed="true">Similarly can we do the same thing in JMS?
I found that in the standalone.xml there is an entry -
<security-settings>
<security-setting match="#">
<permission type="send" roles="guest"/>
<permission type="consume" roles="guest"/>
<permission type="createNonDurableQueue" roles="guest"/>
<permission type="deleteNonDurableQueue" roles="guest"/>
</security-setting>
</security-settings>
I am sure we need to modify this section, but didn't found any reference.
How can we allow an anonymous username to send messages to a JMS queue or topic?
Thanks in advance...
Upvotes: 1
Views: 1283
Answers (1)
Reputation: 420
after some research I found out the answer.
In the standalone.xml file under the messaging subsystem - Remove the following lines –
<security-settings>
<security-setting match="#">
<permission type="send" roles="guest"/>
<permission type="consume" roles="guest"/>
<permission type="createNonDurableQueue" roles="guest"/>
<permission type="deleteNonDurableQueue" roles="guest"/>
</security-setting>
Instead add the following line in that same place –
<security-enabled>false</security-enabled>
Under the remoting subsystem we need to remove the security-realm entry. So remove the line -
<connector name="remoting-connector" socket-binding="remoting" security-realm="ApplicationRealm"/>
And add the line -
<connector name="remoting-connector" socket-binding="remoting"/>
With this we can do the following -
// Set up the context for the JNDI lookup
final Properties env = new Properties();
env.put(Context.INITIAL_CONTEXT_FACTORY, INITIAL_CONTEXT_FACTORY);
env.put(Context.PROVIDER_URL, System.getProperty(Context.PROVIDER_URL, PROVIDER_URL));
// username and password are not required
//env.put(Context.SECURITY_PRINCIPAL, "username");
//env.put(Context.SECURITY_CREDENTIALS, "password");
context = new InitialContext(env);
// Create the JMS connection, session, producer, and consumer
// no need to pass the username and password when create connection
//connection = connectionFactory.createConnection("usernme", "password");
connection = connectionFactory.createConnection();
Thanks Nirmalya
Upvotes: 2
Related Questions
- How to connect to an ActiveMQ server by setting the username and password programmatically?
- Missing application-http-authentication in JBoss EAP 7.4 standalone.xml which uses ApplicationDomain
- Use username and password for ActiveMQ JMS Connection
- Connect HermesJMS to Wildfly 8.2
- Wildfly setup using ejb remote access and custom login module / applicationrealm is additionally called
- Create a security level through authentification when connecting to a ActiveMQ destination
- JBoss Wildfly - database login module
- JBoss user permissions
- Glassfish JMS (flat-file) authentication