We use the authorization Plugin to restrict anyone other than admins to views any queues [1]
But a non admin users can login to hawtio and browse the messages of that queue.

[1] <authorizationPlugin>
<map>
<authorizationMap>
<authorizationEntries>
<authorizationEntry queue=">" read="admins" write="admins" admin="admins" />
<authorizationEntry queue="ADMIN.TEST.QUEUE" read="ctl_users" write="ctl_users" admin="admins" />
<authorizationEntry queue="DLQ.ADMIN.TEST.QUEUE" read="ctl_users" write="ctl_users" admin="admins" />
</authorizationEntries>
</authorizationMap>
</map>
</authorizationPlugin>