Originally posted by Noel M OConnor:
Does this book provide hints about what, when and how to secure different
aspects of a system. For example with JMS one approach might be to encrypt
data being sent via JMS or another alternative solution might be to run the
JMS over SSL.
Both approaches I feel are valid but the per message encryption approach
might be a bit of overkill.
Noel,
Thanks for bringing this up.
The book discusses about all possible JMS Security options such as "Securing JMS Channel including message and transport", "JMS Provider Authentication", "Enabling JMS Destination Access Control". You need to be cautious about using these options...as all these options are not dictated by the JMS Specifications and it is more vendor specific.
/Ramesh