activemq-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From clebertsuconic <...@git.apache.org>
Subject [GitHub] activemq-artemis pull request #701: ARTEMIS-592 finer-grained security for q...
Date Wed, 03 Aug 2016 22:49:30 GMT
Github user clebertsuconic commented on a diff in the pull request:

    https://github.com/apache/activemq-artemis/pull/701#discussion_r73435791
  
    --- Diff: artemis-server/src/main/java/org/apache/activemq/artemis/core/server/impl/ServerSessionImpl.java
---
    @@ -420,10 +420,20 @@ public ServerConsumer createConsumer(final long consumerID,
           }
     
           if (browseOnly) {
    -         securityCheck(binding.getAddress(), CheckType.BROWSE, this);
    +         try {
    +            securityCheck(binding.getAddress(), CheckType.BROWSE, this);
    +         }
    +         catch (Exception e) {
    +            securityCheck(binding.getAddress().concat(".").concat(queueName), CheckType.BROWSE,
this);
    --- End diff --
    
    I agree with concatenating the address with the queueName, as long as is documented and
would make sense for users.
    
    
    I'm a bit confused on why you would need to catch the exception and redo the verification.
I would think you would need the opposite.. in case it passed? In case the address verification
failed.
    
    
    I guess I don't fully understand the use case. we should talk through IRC so we can interact
a bit better.


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

Mime
View raw message