[prev in list] [next in list] [prev in thread] [next in thread] 

List:       activemq-dev
Subject:    [jira] Resolved: (AMQ-2516) SecurityException raised when broker
From:       "Gary Tully (JIRA)" <jira () apache ! org>
Date:       2009-11-27 8:23:54
Message-ID: 1211370117.1259310234755.JavaMail.jira () brutus
[Download RAW message or body]


     [ https://issues.apache.org/activemq/browse/AMQ-2516?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel \
]

Gary Tully resolved AMQ-2516.
-----------------------------

       Resolution: Fixed
    Fix Version/s: 5.4.0
                   5.3.1

resolved in r884778
thanks for the good description. send to dlq (when configured) now uses the brokers \
security context so that it is immune to authentication configuration.

> SecurityException raised when broker tries to move expired message to DLQ
> -------------------------------------------------------------------------
> 
> Key: AMQ-2516
> URL: https://issues.apache.org/activemq/browse/AMQ-2516
> Project: ActiveMQ
> Issue Type: Bug
> Components: Broker
> Affects Versions: 5.3.0
> Environment: Windows XP SP2
> Java JRE 1.6
> Issue found on both FUSE Message Broker 5.3.0.3 & 5.3.0.5 (based on Apache ActiveMQ \
>                 5.3)
> Reporter: Concombre Masqué
> Assignee: Gary Tully
> Fix For: 5.3.1, 5.4.0
> 
> Attachments: activemq.log, activemq_configuration.zip, jmsproducer_sample.zip
> 
> 
> I have enabled authentication + authorization in my broker configuration file as \
> follows: <jaasAuthenticationPlugin configuration="PropertiesLogin" />
> <authorizationPlugin>
> <map>
> <authorizationMap>
> <authorizationEntries>
> <authorizationEntry queue=">" read="users" write="users" admin="users"/>
> <authorizationEntry topic="ActiveMQ.Advisory.>" read="users" write="users" \
> admin="users"/> </authorizationEntries>
> </authorizationMap>
> </map>
> </authorizationPlugin>
> If I send a message with a TTL into the queue (using provided sample configured \
> with the right username and password) and then try to look after the message in the \
> queue after it has expired using the Web Console, I got the following exception: \
> "Caught an exception sending to DLQ: Message \
>                 ID:PC198829-1539-1259168148838-0:1:1:1:1 dropped=false locked=false
> java.lang.SecurityException: User is not authenticated."
> This only occurs when the broker has to deal with the DLQ as I can successfully \
> read/write in any queue. It seems that the thread responsible for moving the \
> message into the DLQ doesn't have the right to perform this action (username and \
> password not propagated to its connexion context ? ).

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


[prev in list] [next in list] [prev in thread] [next in thread]