activemq-dev mailing list archives

From "Nikola Goran Cutura (JIRA)" <>
Subject [jira] Commented: (AMQ-826) LDAP based authorization support
Date Wed, 25 Oct 2006 22:02:02 GMT
Nikola Goran Cutura commented on AMQ-826:

Thanks for the wildcard link. I did not implement '*'; I'll finish it as well. Is it possible to have a kind of regular expression like STOCKS.PRICE.NYSE.*BM ?

Regarding composite destinations, I would like your attention:

Union of ACLs means that if a user has privilege on at least one destination, all destinations will allow the operation.
Intersection of ACLs means that if a user lacks privilege on at least one destination, no destination will allow the operation.

I'll produce a test to verify this, but my point is that the current implementation of union is a security leak (if my understanding is correct). Suppose that a guest user wants to read from a destination not authorized for guests, say destination USERS.SECRET. A guest may create a destination in the GUEST space with all necessary privileges, say GUEST.ALLOW. Now, the user creates a composite destination (GUEST.ALLOW, USERS.SECRET) and attempts an operation:

Case UNION: as the operation is permitted on GUEST.ALLOW, it is sufficient for the composite destination; the operation is performed on both destinations in spite of the fact that the user is not authorized for the other.

Case INTERSECTION: as the operation is NOT permitted on USERS.SECRET, no operation is attempted on the composite destination.

Now, maybe I got it wrong, but the method 'getXXXXXACLs()' in DefaultAuthorizationMap is pretty clear - it adds all ACLs from all entries...

> LDAP based authorization support
> --------------------------------
>                 Key: AMQ-826
>                 URL:
>             Project: ActiveMQ
>          Issue Type: Improvement
>            Reporter: james strachan
>         Assigned To: Nikola Goran Cutura
>         Attachments:
> Patch kindly added by ngcutura - discussion thread...

This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators:
For more information on JIRA, see:
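As an added illustration (not ActiveMQ code and not part of the thread above), a small Python model of the two composite-destination policies the comment contrasts. The ACL table, the wildcard matcher and the group names are constructed assumptions; the point is that union lets the guest read the composite that contains USERS.SECRET, while intersection refuses it.

```python
# Added example: union vs. intersection authorization for composite destinations.
# The ACL maps a destination pattern to the groups allowed to read it.
# Wildcards are modelled ActiveMQ-style ('*' = one segment, '>' = one or more
# trailing segments); this matcher is a constructed stand-in, not ActiveMQ's own.

def matches(pattern: str, destination: str) -> bool:
    p, d = pattern.split("."), destination.split(".")
    for i, seg in enumerate(p):
        if seg == ">":
            return len(d) > i
        if i >= len(d) or (seg != "*" and seg != d[i]):
            return False
    return len(p) == len(d)

def read_acls(acl: dict, destination: str) -> set:
    """Groups allowed to read one plain destination (all matching entries)."""
    allowed = set()
    for pattern, groups in acl.items():
        if matches(pattern, destination):
            allowed |= groups
    return allowed

def composite_parts(destination: str) -> list:
    # A composite destination is a comma-separated list of plain destinations.
    return [part.strip() for part in destination.split(",")]

def can_read_union(acl: dict, destination: str, user_groups: set) -> bool:
    """Behaviour the comment attributes to getXXXXXACLs(): the ACLs of every
    part are added together, so privilege on any one part is enough."""
    allowed = set()
    for part in composite_parts(destination):
        allowed |= read_acls(acl, part)
    return bool(allowed & user_groups)

def can_read_intersection(acl: dict, destination: str, user_groups: set) -> bool:
    """Policy the comment argues for: privilege is required on every part."""
    return all(read_acls(acl, part) & user_groups
               for part in composite_parts(destination))

# Constructed ACL: guests may read anything under GUEST, only users under USERS.
ACL = {
    "GUEST.>": {"guests", "users"},
    "USERS.>": {"users"},
}

if __name__ == "__main__":
    composite = "GUEST.ALLOW, USERS.SECRET"
    print("union lets guest read composite:", can_read_union(ACL, composite, {"guests"}))
    print("intersection lets guest read composite:", can_read_intersection(ACL, composite, {"guests"}))
```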