我有一个非常简单的MDB,只要从中读取消息的队列不安全就可以正常工作
用我的用户名保护队列后,它就可以了;不再阅读消息
@MessageDriven(mappedName = "DistributedQueueTest")
public class MdbReceiver implements MessageListener {
@Resource
private MessageDrivenContext mdc;
@Override
public void onMessage(Message inMessage) {
TextMessage msg = null;
try {
msg = (TextMessage) inMessage;
System.out.println("Test MdbReceiver Message received : " + msg.getText());
} catch (JMSException e) {
e.printStackTrace();
mdc.setRollbackOnly();
}
}
}
我尝试了所有类型的@RunAs注释
@weblogic.jws.security.RunAs(role="Joan",mapToPrincipal="ccc_user")其中ccc_user被允许从队列中读取消息
import javax.annotation.security.RunAs;
@RunAs("SomeRole")在部署时给出了错误
无法部署EJB:来自mdbReceiver.jar的MdbReceiver:映射中的预期角色
任何想法我怎么能用注释做到这一点?我甚至没有注释就试过了 ...同样,weblogic控制台中的例外是
weblogic.jms.common.JMSSecurityException: Access denied to resource: type=<jms>, application=UNIV_REC_Module, destinationType=queue, resource=DistributedQueueTest, action=receive
谢谢
答案 0 :(得分:2)
我回答我的问题,因为我找到了一个解决方案: 问题是注释或weblogic中有错误,或者没有像我预期的那样实现。
解决方案是在没有旧样式注释的情况下执行此操作
所以MDB是:
public class MdbReceiver implements MessageListener ,MessageDrivenBean{
MessageDrivenContext mdc;
@Override
public void onMessage(Message inMessage) {
TextMessage msg = null;
try {
msg = (TextMessage) inMessage;
System.out.println("qwerty1");
System.out.println("Test MdbReceiver Message received : " + msg.getText());
} catch (JMSException e) {
e.printStackTrace();
mdc.setRollbackOnly();
}
}
@Override
public void ejbRemove() throws EJBException {
// TODO Auto-generated method stub
}
@Override
public void setMessageDrivenContext(MessageDrivenContext mdc) throws EJBException {
this.mdc = mdc;
}
}
然后我们需要另外两个文件: ejb-jar.xml中
<?xml version="1.0" encoding="UTF-8"?>
<ejb-jar version="3.0" xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/ejb-jar_3_0.xsd">
<enterprise-beans>
<message-driven>
<ejb-name>MdbReceiver</ejb-name>
<ejb-class>mdb.receiver.MdbReceiver</ejb-class>
<transaction-type>Container</transaction-type>
<message-destination-type>javax.jms.Queue</message-destination-type>
<security-identity>
<run-as>
<role-name>Loan</role-name>
</run-as>
</security-identity>
</message-driven>
</enterprise-beans>
<assembly-descriptor>
<security-role>
<role-name>Loan</role-name>
</security-role>
<container-transaction>
<method>
<ejb-name>MdbReceiver</ejb-name>
<method-name>onMessage()</method-name>
</method>
<trans-attribute>Required</trans-attribute>
</container-transaction>
</assembly-descriptor>
</ejb-jar>
和
WebLogic的EJB-jar.xml中
<?xml version="1.0" encoding="UTF-8"?>
<weblogic-ejb-jar version="wls_10.3"
xmlns="http://www.bea.com/ns/weblogic/weblogic-ejb-jar" xmlns:j2ee="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.bea.com/ns/weblogic/weblogic-ejb-jar http://www.bea.com/ns/weblogic/weblogic-ejb-jar.xsd http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/ejb-jar_3_0.xsd">
<weblogic-enterprise-bean>
<ejb-name>MdbReceiver</ejb-name>
<message-driven-descriptor>
<destination-jndi-name>DistributedQueueTest</destination-jndi-name>
</message-driven-descriptor>
</weblogic-enterprise-bean>
<security-role-assignment>
<role-name>Loan</role-name>
<principal-name>test1234</principal-name>
</security-role-assignment>
</weblogic-ejb-jar>
角色名称无关紧要,因为我可以看到主要名称很重要。 它需要有权从安全队列中读取
答案 1 :(得分:1)
如果您按照以下方式注释MDB,它应该可以工作:
@MessageDriven(name = "MdbReceiver", mappedName = "DistributedQueueTest")
@DeclareRoles({"Loan"})
@RolesAllowed("Loan")
public class MdbReceiver implements MessageListener {
...
}