Hi, I am evaluating using JMX to do some management, including moving messages between queues. I'm currently trying to do it using the WebConsole, just to see how it works before spending time on development.
We are currently using the JaasAuthenticationPlugin, which adds a SecurityContext to the ConnectionContext if the user successfully authenticated. I then use the existence of the SecurityContext as a sign that they are authenticated later on in a custom authorization plugin. Unfortunately, when I use JMX it authenticates using the special JMX usernames and passwords, and it doesn't go through the JaasAuthenticationPlugin, so it doesn't get a SecurityContext. When I use JMX to move a message between queues, it ends up calling send() on my authorization plugin without having a SecurityContext, and so the send is denied. I can't seem to find any other marker that I could check to see if the call came from JMX. Any ideas on how I could either add a SecurityContext to a JMX connection, or how to detect in a BrokerPlugin that a call is actually coming from JMX? -- Mats Henrikson Software Engineer SunGard Kiodex Think before you print
