*
The moose likes Security and the fly likes JMS Security Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Engineering » Security
Bookmark "JMS Security" Watch "JMS Security" New topic
Author

JMS Security

Bhavesh Ravjee
Greenhorn

Joined: Jun 15, 2004
Posts: 11
I am currently implementing security with JMS. Could you provide some guidance/advice on the type of security I am dealing with? Thanks in advance and looking forward to your response.
[ January 10, 2006: Message edited by: Bhavesh Ravjee ]

With great power comes great responsibility!
Ramesh Nagappan
Author
Ranch Hand

Joined: May 06, 2003
Posts: 159
Implementing JMS security is very much vendor specific...and we did discuss in our book. The most common JMS security options are:

- Enabling JMS Provider authentication and access control
- JMS Queues and Topics protection, so that the desinations are available for access to privileged applications
- JMS Message-level (Using Encryption and Digital signatures) and Transport-layer security (Using SSL).

One word of caution, these options are NOT defined by JMS standard specifications so it depends upon your JMS provider.

Refer to Chapter 5 - J2EE Security Architecture.

Goodluck

/Ramesh
[ January 11, 2006: Message edited by: Ramesh Nagappan ]

Ramesh Nagappan CISSP<br />Co-Author of "Core Security Patterns"<br />nramesh@post.harvard.edu<br /><a href="http://www.coresecuritypatterns.com" target="_blank" rel="nofollow">www.coresecuritypatterns.com</a>
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: JMS Security
 
Similar Threads
Message Driven Bean security problems
JMS Security
JMS question
How to authenticate publishers of JMS messages
Embedded JMS provider problem, Help!