}
boolean isQueue = jbd.isQueue();
String name = jbd.getName();
SecurityStore sm = conn.getSecurityManager();
SecurityMetadata securityMetadata = sm.getSecurityMetadata(isQueue, name);
if (securityMetadata == null)
{
throw new JMSSecurityException("No security configuration avaliable for " + name);
}
// Authenticate. Successful autentication will place a new SubjectContext on thread local,
// which will be used in the authorization process. However, we need to make sure we clean up
// thread local immediately after we used the information, otherwise some other people
// security my be screwed up, on account of thread local security stack being corrupted.
sm.authenticate(conn.getUsername(), conn.getPassword());
// Authorize
Set principals = checkType == CheckType.READ ? securityMetadata.getReadPrincipals() :
checkType == CheckType.WRITE ? securityMetadata.getWritePrincipals() :
securityMetadata.getCreatePrincipals();
try
{
if (!sm.authorize(conn.getUsername(), principals, checkType))
{
String msg = "User: " + conn.getUsername() +
" is not authorized to " +
(checkType == CheckType.READ ? "read from" :
checkType == CheckType.WRITE ? "write to" : "create durable sub on") +