WebSphere Application Server - Express, Version 6.0.x     Operating Systems: AIX, HP-UX, Linux, Solaris, Windows

Configuring security for message-driven beans that use listener ports

Use this task to configure resource security and security permissions for Enterprise JavaBeans (EJB) Version 2.0 message-driven beans deployed to use listener ports.

Why and when to perform this task

Messages arriving at a listener port have no client credentials associated with them. The messages are anonymous.

To call secure enterprise beans from a message-driven bean, the message-driven bean needs to be configured with a RunAs Identity deployment descriptor. Security depends on the role specified by the RunAs Identity for the message-driven bean as an EJB component.

For more information about EJB security, see EJB component security. For more information about configuring security for your application, see Assembling secured applications.

JMS connections used by message-driven beans can benefit from the added security of using J2C container-managed authentication. To enable the use of J2C container authentication aliases and mapping, define a J2C container-managed alias on the JMS connection factory definition that the message-driven bean is using to listen upon (defined by the Connection factory JNDI name property of the listener port). If defined, the listener uses the container-managed authentication alias for its JMSConnection security credentials instead of any application-managed alias. To set the container-managed alias, use the administrative console to complete the following steps:

Steps for this task

  1. To display the listener port settings, click Servers > Application Servers > application_server > [Communications] Messaging > Message Listener Service > Listener Ports > listener_port
  2. To get the name of the JMS connection factory, look at the Connection factory JNDI name property.
  3. Display the JMS connection factory properties. For example, to display the properties of a WebSphere queue connection factory provided by the default messaging provider, click Resources > JMS Providers > Default Messaging Provider > > [Content pane] WebSphere Queue Connection Factories > connection_factory
  4. Set the Authentication alias property.
  5. Click OK



Related tasks
Configuring message listener resources for message-driven beans

Task topic    

Terms of Use | Feedback

Last updated: Jun 8, 2005 12:45:23 PM EDT
http://publib.boulder.ibm.com/infocenter/wasinfo/v6r0/index.jsp?topic=/com.ibm.websphere.express.doc/info/exp/ae/tmb_sec00.html

© Copyright IBM Corporation 2002, 2005. All Rights Reserved.
This information center is powered by Eclipse technology. (http://www.eclipse.org)