activemq-dev mailing list archives

From "Jim Gomes (JIRA)" <jira+amq...@apache.org>
Subject [jira] [Updated] (AMQNET-415) Client with wrong credentials overloads server when using failover
Date Thu, 21 Feb 2013 23:24:12 GMT

     [ https://issues.apache.org/jira/browse/AMQNET-415?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Jim Gomes updated AMQNET-415:
-----------------------------

    Description: 
If the ActiveMQ broker has been secured to enforce login credentials, the NMS client will
continually attempt to authenticate against it if it is using the failover protocol.

Steps to Reproduce:
----------------------
1. Configure the broker to require login credentials for connections.
2. Configure the NMS client to use failover mode.
3. Configure the NMS client with incorrect login credentials.
4. Attempt to connect the NMS client to the server.

Results:
----------------------
The client reattempts login continuously without backing off, and has a significant impact
on the performance of the server.

Expected:
----------------------
The client should not enter failover, because it never successfully connected, and it would
never expect to connect.

Notes:
----------------------
This was experienced using the OpenWire client, but a similar bug may exist in the STOMP client's
failover code.
The broker may also want to protect itself against this, as this is an easy attack vector
for a DDoS.  Just a couple of clients attempting to log in with invalid credentials can dramatically
impact the server's performance, not just the broker.

  was:
If the ActiveMQ broker has been secured to enforce login credentials, the NMS client will
continually attempt to authenticate against it if it is using the failover protocol.

Steps to Reproduce:
----------------------
1. Configure the broker to require login credentials for connections.
2. Configure the NMS client to use failover mode.
3. Configure the NMS client with incorrect login credentials.
4. Attempt to connect the NMS client to the server.

Results:
----------------------
The client reattempts login continuously without backing off, and has a significant impact
on the performance of the server.

Expected:
----------------------
The client should exponentially back off in the same manner as it does when attempting to
reconnect to a down server.

Notes:
----------------------
This was experienced using the OpenWire client, but a similar bug may exist in the STOMP client's
failover code.
The broker may also want to protect itself against this, as this is an easy attack vector
for a DDoS.  Just a couple of clients attempting to log in with invalid credentials can dramatically
impact the server's performance, not just the broker.

    
> Client with wrong credentials overloads server when using failover
> ------------------------------------------------------------------
>
>                 Key: AMQNET-415
>                 URL: https://issues.apache.org/jira/browse/AMQNET-415
>             Project: ActiveMQ .Net
>          Issue Type: Bug
>          Components: ActiveMQ, NMS
>    Affects Versions: 1.5.6
>         Environment: ActiveMQ Broker 5.6.0
>            Reporter: Jim Gomes
>            Assignee: Jim Gomes
>            Priority: Minor
>              Labels: authentication, failover
>             Fix For: 1.5.7
>
>
> If the ActiveMQ broker has been secured to enforce login credentials, the NMS client
> will continually attempt to authenticate against it if it is using the failover protocol.
> Steps to Reproduce:
> ----------------------
> 1. Configure the broker to require login credentials for connections.
> 2. Configure the NMS client to use failover mode.
> 3. Configure the NMS client with incorrect login credentials.
> 4. Attempt to connect the NMS client to the server.
> Results:
> ----------------------
> The client reattempts login continuously without backing off, and has a significant impact
> on the performance of the server.
> Expected:
> ----------------------
> The client should not enter failover, because it never successfully connected, and it
> would never expect to connect.
> Notes:
> ----------------------
> This was experienced using the OpenWire client, but a similar bug may exist in the STOMP
> client's failover code.
> The broker may also want to protect itself against this, as this is an easy attack vector
> for a DDoS.  Just a couple of clients attempting to log in with invalid credentials can dramatically
> impact the server's performance, not just the broker.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
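
The reconnect policy the "Expected" sections describe, modelled as an added example that is not NMS or ActiveMQ code: an authentication failure ends the attempt at once, while an unreachable broker triggers failover with capped exponential backoff. All names (connect_with_failover, the two exception types, the fake broker, its URIs and password) are hypothetical and constructed for illustration.

```python
import time
from dataclasses import dataclass, field

class AuthenticationFailed(Exception):
    """Broker rejected the credentials; retrying the same ones cannot succeed."""

class TransportDown(Exception):
    """Broker unreachable; a later attempt or another URI may succeed."""

@dataclass
class ConnectResult:
    connection: object = None
    error: Exception = None
    attempts: int = 0
    delays: list = field(default_factory=list)  # seconds slept between rounds

def connect_with_failover(connect, uris, initial_delay=0.01, multiplier=2.0,
                          max_delay=30.0, max_attempts=8, sleep=time.sleep):
    """Walk the URI list; back off on transient errors, stop on auth failure."""
    if not uris:
        raise ValueError("at least one broker URI is required")
    result, delay = ConnectResult(), initial_delay
    while True:
        for uri in uris:
            result.attempts += 1
            try:
                result.connection = connect(uri)
                result.error = None
                return result
            except AuthenticationFailed as exc:
                # Fatal: report to the application, do not re-send bad credentials.
                result.error = exc
                return result
            except TransportDown as exc:
                result.error = exc  # transient: try the next URI
            if result.attempts >= max_attempts:
                return result
        # Every URI failed transiently: wait, then grow the delay up to the cap.
        result.delays.append(delay)
        sleep(delay)
        delay = min(delay * multiplier, max_delay)

def make_fake_connect(password, log):
    """Constructed stand-in broker: tcp://a is down, tcp://b checks the password."""
    def connect(uri):
        log.append(uri)
        if uri == "tcp://a":
            raise TransportDown(uri)
        if password != "s3cret":  # constructed credential for the demo
            raise AuthenticationFailed(uri)
        return "session@" + uri
    return connect
```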
