Return-Path: Delivered-To: apmail-activemq-dev-archive@www.apache.org Received: (qmail 8145 invoked from network); 13 Oct 2009 18:56:15 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 13 Oct 2009 18:56:15 -0000 Received: (qmail 4208 invoked by uid 500); 13 Oct 2009 18:56:15 -0000 Delivered-To: apmail-activemq-dev-archive@activemq.apache.org Received: (qmail 4179 invoked by uid 500); 13 Oct 2009 18:56:15 -0000 Mailing-List: contact dev-help@activemq.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@activemq.apache.org Delivered-To: mailing list dev@activemq.apache.org Received: (qmail 4169 invoked by uid 99); 13 Oct 2009 18:56:15 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 13 Oct 2009 18:56:15 +0000 X-ASF-Spam-Status: No, hits=-10.5 required=5.0 tests=AWL,BAYES_00,RCVD_IN_DNSWL_HI X-Spam-Check-By: apache.org Received: from [140.211.11.140] (HELO brutus.apache.org) (140.211.11.140) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 13 Oct 2009 18:56:13 +0000 Received: from brutus (localhost [127.0.0.1]) by brutus.apache.org (Postfix) with ESMTP id CDDC0234C045 for ; Tue, 13 Oct 2009 11:55:52 -0700 (PDT) Message-ID: <517528025.1255460152819.JavaMail.jira@brutus> Date: Tue, 13 Oct 2009 11:55:52 -0700 (PDT) From: "Dave Stanley (JIRA)" To: dev@activemq.apache.org Subject: [jira] Updated: (AMQ-2449) Peer certificates not propagated when using stomp+ssl w/mutual authentication In-Reply-To: <510877557.1255460032715.JavaMail.jira@brutus> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: ae95407df07c98740808b2ef9da0087c [ https://issues.apache.org/activemq/browse/AMQ-2449?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Dave Stanley updated AMQ-2449: ------------------------------ Attachment: stomp_ssl_patch.txt Patch w/unit test attached that should fix the problem (cut from trunk) Also includes some cleanup fixes to the stomp unit tests. > Peer certificates not propagated when using stomp+ssl w/mutual authentication > ------------------------------------------------------------------------------ > > Key: AMQ-2449 > URL: https://issues.apache.org/activemq/browse/AMQ-2449 > Project: ActiveMQ > Issue Type: Bug > Components: Transport > Affects Versions: 5.3.0 > Environment: ActiveMQ 5.x > Reporter: Dave Stanley > Attachments: stomp_ssl_patch.txt > > > When using stomp+ssl w/mutual authentication the broker throws and "Unable to authenticate transport without SSL certificate.", for example: > java.lang.SecurityException: Unable to authenticate transport without SSL certificate. > at org.apache.activemq.security.JaasCertificateAuthenticationBroker.addConnection(JaasCertificateAuthenticationBroker.java:75) > at org.apache.activemq.broker.MutableBrokerFilter.addConnection(MutableBrokerFilter.java:89) > at org.apache.activemq.broker.TransportConnection.processAddConnection(TransportConnection.java:686) > at org.apache.activemq.broker.jmx.ManagedTransportConnection.processAddConnection(ManagedTransportConnection.java:86) > at org.apache.activemq.command.ConnectionInfo.visit(ConnectionInfo.java:134) > at org.apache.activemq.broker.TransportConnection.service(TransportConnection.java:308) > at org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:182) > at org.apache.activemq.transport.TransportFilter.onCommand(TransportFilter.java:68) > at org.apache.activemq.transport.InactivityMonitor.onCommand(InactivityMonitor.java:210) > at org.apache.activemq.transport.stomp.StompTransportFilter.sendToActiveMQ(StompTransportFilter.java:78) > at org.apache.activemq.transport.stomp.ProtocolConverter.sendToActiveMQ(ProtocolConverter.java:135) > at org.apache.activemq.transport.stomp.ProtocolConverter.onStompConnect(ProtocolConverter.java:491) > at org.apache.activemq.transport.stomp.ProtocolConverter.onStompCommand(ProtocolConverter.java:187) > at org.apache.activemq.transport.stomp.StompTransportFilter.onCommand(StompTransportFilter.java:67) > at org.apache.activemq.transport.TransportSupport.doConsume(TransportSupport.java:84) > at org.apache.activemq.transport.tcp.SslTransport.doConsume(SslTransport.java:104) > at org.apache.activemq.transport.tcp.TcpTransport.doRun(TcpTransport.java:203) > at org.apache.activemq.transport.tcp.TcpTransport.run(TcpTransport.java:185) > at java.lang.Thread.run(Thread.java:636) > Problem is due to the peer certs not being set in the transport context for the stomp connection. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.