activemq-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Chris Schultz (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (AMQ-3883) activemq-jaas authorization doesn't work with Karaf JAAS LoginModule
Date Tue, 10 Jun 2014 23:21:02 GMT

    [ https://issues.apache.org/jira/browse/AMQ-3883?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14027196#comment-14027196
] 

Chris Schultz commented on AMQ-3883:
------------------------------------

I have review the code for LDAP Authorisation (within Karaf/Fuse 6.1) and this also doesn't
work due to using the {{map.getGroupClass()}} method.:

{code:title=SimpleCachedLDAPAuthorizationMap.java}

DefaultAuthorizationMap map = this.map.get();
                if (group && !user) {
                    try {
                        members.add(DefaultAuthorizationMap.createGroupPrincipal(principalName,
map.getGroupClass()));
                    } catch (Exception e) {
                        NamingException ne = new NamingException(
                            "Can't create a group " + principalName + " of class " + map.getGroupClass());
                        ne.initCause(e);
                        throw ne;
                    }
                } else if (!group && user) {
                    members.add(new UserPrincipal(principalName));
                }

{code}

> activemq-jaas authorization doesn't work with Karaf JAAS LoginModule
> --------------------------------------------------------------------
>
>                 Key: AMQ-3883
>                 URL: https://issues.apache.org/jira/browse/AMQ-3883
>             Project: ActiveMQ
>          Issue Type: Improvement
>    Affects Versions: 5.6.0
>            Reporter: Freeman Fang
>            Assignee: Dejan Bosanac
>             Fix For: 5.9.0
>
>         Attachments: AMQ-3883.patch
>
>
> currently activemq-jaas can't work with karaf loginModule, the reason comes from the
compare between
> amq GroupPrincipal and karaf UserPrincipal/RolePrincipal doesn't work
> More details please see[1].
> We have a similar issue in Servicemix NMR[2] and the fix can honor the compare between
> amq GroupPrincipal and karaf UserPrincipal/RolePrincipal yet not introduce any dependency
between activemq-jaas and karaf jaas.
> [1]http://karaf.922171.n3.nabble.com/Karaf-ActiveMQ-authorization-problem-td4024834.html
> [2]https://issues.apache.org/jira/browse/SMX4NMR-283



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message