MDB + Secure Queue
Anamitra Bhattacharyya
I am having trouble getting the MDB to work with a secure Queue in weblogic. I set up the security using the WLS admin console and it has just a userid/password protection to all the Queue operations. I am not sure how to tell the container of the MDB to connect using that userid/password combination. What I have done is use the run-as identity in the deployment descriptors and thats not helping it to connect to the Queue.
I am a bit lost on how to set up the MDB for the secure Queue - any pointers is really appreciated.
thanks
Anamitra
Lakshminarayanan Muralidharan
- THIS IS THE LINK FOR 8.1 on how to configure security for MDB
Murali
Anamitra Bhattacharyya
I have already done that and I still get that error:
<Sep 7, 2004 9:28:44 AM EDT> <Warning> <EJB> <BEA-010096> <The Message-Driven EJ
B: JMSContQueueProcessor-1 is unable to connect to the JMS destination: jms/mro/
int/queues/cqin. Connection failed after 2 attempts. The MDB will attempt to rec
onnect every 10 seconds. This log message will repeat every 600 seconds until th
e condition clears.>
<Sep 7, 2004 9:28:45 AM EDT> <Warning> <EJB> <BEA-010061> <The Message-Driven EJ
B: JMSContQueueProcessor-1 is unable to connect to the JMS destination: jms/mro/
int/queues/cqin. The Error was:
weblogic.jms.common.JMSSecurityException: Access denied to resource: type=<jms>,
application=, destinationType=queue, resource=cq, action=receive
weblogic.jms.common.JMSSecurityException: Access denied to resource: type=<jms>,
application=, destinationType=queue, resource=cq, action=receive
at weblogic.jms.JMSService.checkPermission(JMSService.java:1140)
at weblogic.jms.JMSService.checkRecvPermission(JMSService.java:1157)
at weblogic.jms.frontend.FESession.consumerCreate(FESession.java:1049)
at weblogic.jms.frontend.FESession.invoke(FESession.java:2552)
at weblogic.jms.dispatcher.Request.wrappedFiniteStateMachine(Request.jav
a:621)
at weblogic.jms.dispatcher.DispatcherImpl.dispatchSync(DispatcherImpl.ja
va:153)
at weblogic.jms.client.JMSSession.consumerCreate(JMSSession.java:1860)
at weblogic.jms.client.JMSSession.createConsumer(JMSSession.java:1691)
at weblogic.jms.client.JMSSession.createReceiver(JMSSession.java:1530)
at weblogic.ejb20.internal.JMSConnectionPoller.setUpQueueSessions(JMSCon
nectionPoller.java:1720)
at weblogic.ejb20.internal.JMSConnectionPoller.createJMSConnection(JMSCo
nnectionPoller.java:2012)
at weblogic.ejb20.internal.JMSConnectionPoller.connectToJMS(JMSConnectio
nPoller.java:1180)
at weblogic.ejb20.internal.JMSConnectionPoller.trigger(JMSConnectionPoll
er.java:978)
at weblogic.time.common.internal.ScheduledTrigger.run(ScheduledTrigger.j
ava:243)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(Authenticate
dSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:
118)
at weblogic.time.common.internal.ScheduledTrigger.executeLocally(Schedul
edTrigger.java:229)
at weblogic.time.common.internal.ScheduledTrigger.execute(ScheduledTrigg
er.java:223)
at weblogic.time.server.ScheduledTrigger.execute(ScheduledTrigger.java:5
0)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:219)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:178)
I have attached my dd file below:
<!DOCTYPE ejb-jar PUBLIC "-//Sun Microsystems, Inc.//DTD Enterprise JavaBeans 2.0//EN"
"http://java.sun.com/dtd/ejb-jar_2_0.dtd">
<ejb-jar id="ejb-jar_ID">
<display-name>MEA JMS EJB Module</display-name>
<enterprise-beans>
<message-driven id="MessageDriven_JMSContQueueProcessor_1">
<ejb-name>JMSContQueueProcessor-1</ejb-name>
<ejb-class>psdi.iface.jms.JMSContQueueProcessor</ejb-class>
<transaction-type>Container</transaction-type>
<message-driven-destination>
<destination-type>javax.jms.Queue</destination-type>
</message-driven-destination>
<env-entry>
<env-entry-name>MESSAGEPROCESSOR</env-entry-name>
<env-entry-type>java.lang.String </env-entry-type>
<env-entry-value>psdi.iface.jms.QueueToMaximoProcessor</env-entry-value>
</env-entry>
<security-identity>
<run-as>
<role-name>integrationuser</role-name>
</run-as>
</security-identity>
</message-driven>
</enterprise-beans>
<assembly-descriptor>
<security-role>
<role-name>integrationuser</role-name>
</security-role>
<container-transaction>
<method>
<ejb-name>JMSContQueueProcessor-1</ejb-name>
<method-name>*</method-name>
</method>
<trans-attribute>Required</trans-attribute>
</container-transaction>
</assembly-descriptor>
</ejb-jar>
-----------------------------------------------------
<?xml version="1.0"?>
<!DOCTYPE weblogic-ejb-jar PUBLIC "-//BEA Systems, Inc.//DTD WebLogic 6.0.0 EJB//EN" "http://www.bea.com/servers/wls600/dtd/weblogic-ejb-jar.dtd">
<!-- Sample MessageDriven bean Weblogic deployment descriptor -->
<weblogic-ejb-jar>
<weblogic-enterprise-bean>
<ejb-name>JMSContQueueProcessor-1</ejb-name>
<message-driven-descriptor>
<pool>
<max-beans-in-free-pool>1</max-beans-in-free-pool>
<initial-beans-in-free-pool>0</initial-beans-in-free-pool>
</pool>
<destination-jndi-name>jms/mro/int/queues/cqin</destination-jndi-name>
<connection-factory-jndi-name>jms/mro/int/qcf/intqcf</connection-factory-jndi-name>
</message-driven-descriptor>
<transaction-descriptor>
<trans-timeout-seconds>600</trans-timeout-seconds>
</transaction-descriptor>
<jndi-name>JMSContQueueProcessor-1</jndi-name>
</weblogic-enterprise-bean>
<security-role-assignment>
<role-name>integrationuser</role-name>
<principal-name>new_user1</principal-name>
</security-role-assignment>
</weblogic-ejb-jar>
Did I miss anything?
thanks
Anamitra