O'Reilly - Java Message Service
O'Reilly - Java Message Service
O'Reilly - Java Message Service
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
7.2.5 The Bottom Line<br />
<strong>Java</strong> <strong>Message</strong> <strong>Service</strong><br />
IP multicast has significant network throughput benefits in a one-to-many broadcast of<br />
information. A single multicast message to multiple recipients will always cause less<br />
network traffic than sending the message to each recipient via a TCP connection. A<br />
messaging vendor picks and chooses how much reliability to build on top of UDP based on<br />
the quality of service required for the message as defined by JMS.<br />
However, the choice is not that simple when it is applied to a deployment environment in a<br />
messaging product. The performance advantages of IP multicasting are only viable for a<br />
certain deployment environment. These advantages can diminish depending on the types<br />
of messages in your application, the networking hardware at your site, the deployment<br />
environment (intranet, extranet, internet), and the complexity of administration.<br />
Make sure to benchmark your application carefully before making a final decision, using<br />
the guidelines we discussed earlier in this chapter. You may be surprised at what you see.<br />
When a JMS provider is put under heavy stress with lots of clients, there are so many other<br />
factors involved that the speed at which network packets go across the wire is not usually a<br />
significant factor. You may see that one vendor's implementation of messaging over IP<br />
multicast will perform vastly differently from another's - even with the use of<br />
nonguaranteed messaging. You may even find that one vendor's TCP-based<br />
implementation performs better than another vendor's multicast implementation.<br />
7.3 Security<br />
In this section, we are only going to concern ourselves with those aspects of security that<br />
are commonly supported by JMS providers. You need to think about three aspects of<br />
security: authentication, authorization, and secure communication. How these aspects of<br />
security are implemented is vendor-specific, and each vendor uses its own combination of<br />
available technologies to authenticate, authorize, and secure communication between JMS<br />
clients.<br />
We will also discuss firewalls and HTTP tunneling as a solution to restrictions placed on<br />
JMS applications by organizations.<br />
7.3.1 Authentication<br />
Simply put, authentication verifies the identity of the user to the messaging system; it may<br />
also verify the identity of the server to the JMS client. The most common kind of<br />
authentication is a login screen that requires a username and a password. This is supported<br />
explicitly in the JMS API when a Connection is created, as well as in the JNDI API when<br />
an InitialContext is created. JMS providers that use username/password authentication<br />
may support either of these solutions:<br />
Properties env = new Properties( );<br />
env.put(Context.SECURITY_PRINCIPAL, "username");<br />
env.put(Context.SECURITY_CREDENTIALS, "password");<br />
TopicFactory topicFactory = jndiContext.lookup("...");<br />
...<br />
TopicConnection con =<br />
topicFactory.createTopicConnection("username", "password");<br />
116