activemq-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Timothy Bish (JIRA)" <>
Subject [jira] [Closed] (AMQ-3688) slave fail if client connected to master via SSL in master/slave configuration
Date Thu, 29 Nov 2012 21:36:59 GMT


Timothy Bish closed AMQ-3688.

    Resolution: Won't Fix

Pure master/slave removed in upcoming v5.8.0
> slave fail if client connected to master via SSL in master/slave configuration
> ------------------------------------------------------------------------------
>                 Key: AMQ-3688
>                 URL:
>             Project: ActiveMQ
>          Issue Type: Bug
>          Components: Broker
>    Affects Versions: 5.5.0, 5.5.1
>         Environment: A master broker with SSL enabled and client certificate authentication.
> A slave broker with a master connector using a TCP transport with username and password
> On each broker, JaasDualAuthenticationPlugin enabled.
> On each broker an authorizationMap restraining access to queues to specified groups.
>            Reporter: SL
> 0/ the master/slave configuration is started, the slave have started its master connector
using its credential (username/pasword) and a MasterBroker instance have been created on the
> 1/ a client creates a new connection on the master broker with ssl and its client certificate.
the ConnectionInfo is propagated through the BrokerFilter stack with addConnection().
> 2/ the MasterBroker sends the ConnectionInfo to the slave via sendAsyncToSlave(Command
command) ; the ConnectionInfo have userName=null and password=null but appropriate transportContext
information that allowed it to pass though JaasCertificateAuthenticationBroker is set.
> 3/ The slave broker receive the ConnectionInfo command, does not have the initial SSL
transportContext, channel it as no SSL to JaasAuthenticationBroker, which choke on the null
userName ( -> NPE in login() -> Login failed exception )
> 4/ Each message inserted on the master by the ssl client triggers an exception (Slave
Failed) for the the unreferenced connection id on the slave side. 

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see:

View raw message