Skip to Main Content
Java Message Service, 2nd Edition
book

Java Message Service, 2nd Edition

by Mark Richards, Richard Monson-Haefel, David A Chappell
May 2009
Intermediate to advanced content levelIntermediate to advanced
330 pages
10h 34m
English
O'Reilly Media, Inc.
Content preview from Java Message Service, 2nd Edition

Security

In this section, we are only going to concern ourselves with those aspects of security that are commonly supported by JMS providers. You need to think about three aspects of security: authentication, authorization, and secure communication. How these aspects of security are implemented is vendor-specific and each vendor uses its own combination of available technologies to authenticate, authorize, and secure communication between JMS clients.

We will also discuss firewalls and HTTP tunneling as a solution to restrictions placed on JMS applications by organizations.

Authentication

Simply put, authentication verifies the identity of the user to the messaging system; it may also verify the identity of the server to the JMS client. The most common kind of authentication is a login screen that requires a username and a password. This is supported explicitly in the JMS API when a Connection is created, as well as in the JNDI API when an InitialContext is created. JMS providers that use username/password authentication may support either of these solutions:

Properties env = new Properties();

env.put(Context.SECURITY_PRINCIPAL, "username");  
env.put(Context.SECURITY_CREDENTIALS, "password");
InitalContect ctx = new InitialContext(env);

TopicConnectionFactory factory = 
    (TopicConnectionFactory)ctx.lookup("...");

TopicConnection connection = 
    factory.createTopicConnection("username", "password");

JMS providers may also use more sophisticated mechanisms for authentication, such as secret ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Reactive Systems in Java

Reactive Systems in Java

Clement Escoffier, Ken Finnigan
Java 8 in Action

Java 8 in Action

Mario Fusco, Alan Mycroft, Raoul-Gabriel Urma
The Well-Grounded Java Developer, Second Edition

The Well-Grounded Java Developer, Second Edition

Benjamin Evans, Martijn Verburg, Jason Clark

Publisher Resources

ISBN: 9780596802264Supplemental ContentErrata Page