Implementing JMS security is very much vendor specific...and we did discuss in our book. The most common JMS security options are:
- Enabling JMS Provider authentication and access control
- JMS Queues and Topics protection, so that the desinations are available for access to privileged applications
- JMS Message-level (Using Encryption and Digital signatures) and Transport-layer security (Using SSL).
One
word of caution, these options are NOT defined by JMS standard specifications so it depends upon your JMS provider.
Refer to Chapter 5 -
J2EE Security Architecture.
Goodluck
/Ramesh
[ January 11, 2006: Message edited by: Ramesh Nagappan ]