JMS Security Policies Are Not Honored When JMSServer Name Has @ In It
Last updated on DECEMBER 11, 2017
Applies to:Oracle WebLogic Server - Version 184.108.40.206.0 and later
Information in this document applies to any platform.
WLS does not honor the JMS Security Policies defined at the Queue level.
Security policies are defined in WLS Admin console under:
JMS Module ---> <queue_name> ---> Security ---> Policies ---> AddCondition
eg: to define a condition to allow only a specific user to send messages to the queue:
JMS Module ---> MyQueue1 ---> Security ---> Policies ---> AddCondition ---> User ---> userabc ---> Add
If user "userxyz" sends a message to the Queue, he should not be able to send. However, in this case he is able to send and received messages despite the security policy restricts access to only "userabc"
JMSServer has @ in its name. eg: JMSServer@osb1
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms