Expand my Community achievements bar.

SOLVED

FDS +Jboss + JMS authentication

Avatar

Level 1
Hi everybody!



I'm using Flex Data Services (2.0.1 und 3 Beta) in JBoss
4.0.5 plus Tibco EMS as JMS server, which has authentication
enabled and gets JNDI requests forwarded from JBoss.



The Flash application in question has to receive JMS text
messages from a non-secured topic in an non-durable subscription.



It should use an account on th JMS server which has the right
to subscribe, but is not in the administrator group.





I'm using a mx:consumer tag, which gets initialize in an
initApp() fucntion which gets called via "mx:application
creationComplete" event.



//subscribe to JMS topic

consumer1.setRemoteCredentials("username","pwd");

consumer1.subscribe();



In messaging-config.xml i have the follwoing destination
configured:



<destination id="EMSTest-jms">

<properties>

<jms>


<message-type>javax.jms.TextMessage</message-type>


<connection-factory>TopicConnectionFactory</connection-factory>



<destination-jndi-name>topic.EMSTest</destination-jndi-name>

<delivery-mode>NON_PERSISTENT</delivery-mode>


<message-priority>DEFAULT_PRIORITY</message-priority>


<acknowledge-mode>AUTO_ACKNOWLEDGE</acknowledge-mode>

<transacted-sessions>false</transacted-sessions>

<initial-context-environment>

<property>

<name>Context.SECURITY_PRINCIPAL</name>

<value>username</value>

</property>

<property>

<name>Context.SECURITY_CREDENTIALS</name>

<value>pwd</value>

</property>

<property>

<name>Context.PROVIDER_URL</name>

<value>tibjmsnaming://someip:7222</value>

</property>

<property>

<name>Context.INITIAL_CONTEXT_FACTORY</name>


<value>com.tibco.tibjms.naming.TibjmsInitialContextFactory</value>

</property>

</initial-context-environment>

</jms>

</properties>

<channels>

<channel ref="my-rtmp"/>

<channel ref="my-amf"/>

</channels>

<adapter ref="jms"/>

</destination>



Now, during appliaction launch i get the following error
message from the JMS server:



"invalid passwort or username"



Since the configured values are valid, this doesn't make
sense, therefore i routed the JMS calls through tcpproxy.



tcp proxy shows three communications per consumer.subscribe()
call:



two JNDI calls to the server (maybe to get the connection
and the topic), which use the correct username/password



and a third call (maybe to actually subscribe to the topic)
which use username=anonymous and some other password



So, actually the JMS server has every right to complain, but
why is FDS using a different username/password for the last call???



Where do i configure those values???



Furthermore, the only location, where a username "anonymous"
is configured in the whole system, is in JBoss as default
unauthorized username in server.xml....





Thanks a lot for any help!

1 Accepted Solution

Avatar

Correct answer by
Former Community Member
Hi,



I checked with the current JMS adapter and unfortunately JMS
adapter does not support the authentication you need. I opened an
enhancement request and will make sure this configuration will be
supported for the next release.



Thanks for reporting the problem.

View solution in original post

8 Replies

Avatar

Level 1
Hi!



Unfortunately yes. In fact this is one of our main concerns
regarding production suitability, since our production servers use
authentication...

Avatar

Former Community Member


> I'm using Flex Data Services (2.0.1 und 3 Beta) in JBoss
4.0.5 plus

> Tibco EMS as JMS server, which has authentication
enabled and gets

> JNDI requests forwarded from JBoss.





Are you saying that you're using Flex 3 Beta with FDS 2.0.1?





Avatar

Correct answer by
Former Community Member
Hi,



I checked with the current JMS adapter and unfortunately JMS
adapter does not support the authentication you need. I opened an
enhancement request and will make sure this configuration will be
supported for the next release.



Thanks for reporting the problem.

Avatar

Level 1
Hi Peter!



No, i just tried both versions, and both exhibit this
behaviour ( which is explained by matamel
)



But thanks for your input!

Avatar

Level 1
Hi matamel !



Thanks for checking that.



Is there a timeframe for that release or feature ?



Since we can't use it in production until this feature is
there, it's absence is kind of a showstopper (brrrr... i said the
"bad word", sorry )



Thanks,

Roland

Avatar

Former Community Member
The next release is going to be around October, I
believe.

Avatar

Former Community Member
Happy to report that this JMS authentication support has been
added in our main branch and it will be available in the next
release (although I'm not sure of the dates for the next
release).
The following has evaluated to null or missing: ==> liqladmin("SELECT id, value FROM metrics WHERE id = 'net_accepted_solutions' and user.id = '${acceptedAnswer.author.id}'").data.items [in template "analytics-container" at line 83, column 41] ---- Tip: It's the step after the last dot that caused this error, not those before it. ---- Tip: If the failing expression is known to be legally refer to something that's sometimes null or missing, either specify a default value like myOptionalVar!myDefault, or use <#if myOptionalVar??>when-present<#else>when-missing. (These only cover the last step of the expression; to cover the whole expression, use parenthesis: (myOptionalVar.foo)!myDefault, (myOptionalVar.foo)?? ---- ---- FTL stack trace ("~" means nesting-related): - Failed at: #assign answerAuthorNetSolutions = li... [in template "analytics-container" at line 83, column 5] ----