Have anyone tried to send JMS message to an external JMS queue from behind a company firewall. What if your firewall does not support http tunnelling? Can anyone share your thoughts and experience if you have come acros this.
This issue could be related to the assignment of part II.
To resolve this issue you could have a look at the book Core Security Patterns: Best Practices and Strategies for J2EE™, Web Services, and Identity Management.
From a security viewpoint, a JMS-based application security solution requires support for authentication, authorization, encryption, confidentiality, data integrity, and non-repudiation.
Most messaging vendors provide support for some of these features:
* JMS provider authentication and access control
* JMS queues protection so that the destinations are available for access to privileged applications
* JMS message and transport security
The JMS specification does not address the choice of protocols to transport JMS messages.
To secure JMS transport, most providers facilitate secure communication by adopting transport-layer integrity and confidentiality mechanisms based on SSL/TLS protocols.
These transport-specific properties are configured at the JMS provider level and are applied to communication during the creation of the JMS connection