Glassfish JMS (flat-file) authentication

Question

Flat-file JMS authentication is easy to set up on Glassfish (see http://docs.sun.com/app/docs/doc/821-0027/aeofg?a=view).

The problem is the client part. I am writing a standalone Java client to access my JMS ressources (ConnectionFactory and Destination) via JNDI.

How to pass a username and a password to JMS from that client ?

I already tried several things such as:

1) Adding those credentials in the InitialContext

 context.addToEnvironment(InitialContext.SECURITY_PRINCIPAL, "username");
 context.addToEnvironment(InitialContext.SECURITY_CREDENTIALS, "password");

2) Using JMS username and password parameters in the connection factory

 connectionFactory.createConnection();

However, none of those methods is working.

When I run the program, I just get:

com.sun.messaging.jms.JMSSecurityException: [C4084]: Échec de 
l'authentification de l'utilisateur :  user=guest, broker=localhost:7676(34576) 
at com.sun.messaging.jmq.jmsclient.ProtocolHandler.authenticate
(ProtocolHandler.java:1084)

So it keeps trying to authenticate with the "guest" user.

For this test, I used connection.NORMAL.deny.user=* as permission rule (accesscontrol.properties).

The interesting part is that this exception is thrown even before the connection factore is obtained:

 InitialContext context = new InitialContext();

 ConnectionFactory connectionFactory = 
 (ConnectionFactory)context.lookup("jms/middleware/factory"); 
 /* The exception is thrown here, so authentication MUST have happened 
    before already (i.e. NOT in the createConnection(username, password) method) */

Hope someone knows the answer.

Many thanks in advance

Regards,

Dinesh

Answer 1

OK I found a workaround, which is to not use JNDI, but to use vendor-specific JMS API instead, as described on http://weblogs.java.net/blog/kalali/archive/2010/03/02/open-mq-open-source-message-queuing-beginners-and-professionals-0

The final code is:

com.sun.messaging.ConnectionFactory connectionFactory = new com.sun.messaging.ConnectionFactory();
QueueConnection queueConnection = connectionFactory.createQueueConnection("user01", "password01");

Which this time leads to the error

Error: [C4060]: Login failed:  user=user01, broker=localhost:7676(53445)

Which is great ;)

So, workaround is working. However if someone does know how to achive this also with JNDI it would be even better.