activemq-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (AMQ-5814) Wrong with role-based authorization when using right permission
Date Thu, 02 Jul 2015 12:36:05 GMT

    [ https://issues.apache.org/jira/browse/AMQ-5814?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14611887#comment-14611887
] 

ASF GitHub Bot commented on AMQ-5814:
-------------------------------------

GitHub user cshannon opened a pull request:

    https://github.com/apache/activemq/pull/125

    https://issues.apache.org/jira/browse/AMQ-5814

    This fixes an issue where a producer's connection context was being
    used to create a subscription instead of the consumer's context
    which could lead to permission check failures.
    
    Thanks to hongphu8790@gmail.com for providing the test case.

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/cshannon/activemq AMQ-5814

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/activemq/pull/125.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #125
    
----
commit ef552fcc8bb14eea33170019aca2850e3c03467d
Author: Christopher L. Shannon (cshannon) <christopher.l.shannon@gmail.com>
Date:   2015-07-02T12:33:16Z

    https://issues.apache.org/jira/browse/AMQ-5814
    
    This fixes an issue where a producer's connection context was being
    used to create a subscription instead of the consumer's context
    which could lead to permission check failures.
    
    Thanks to hongphu8790@gmail.com for providing the test case.

----


> Wrong with role-based authorization when using right permission
> ---------------------------------------------------------------
>
>                 Key: AMQ-5814
>                 URL: https://issues.apache.org/jira/browse/AMQ-5814
>             Project: ActiveMQ
>          Issue Type: Bug
>          Components: Broker, MQTT
>    Affects Versions: 5.10.0, 5.10.2, 5.11.0, 5.11.1
>         Environment: Unix, Windows
>            Reporter: PhuNH5-VTICT
>            Priority: Critical
>             Fix For: 5.12.0
>
>         Attachments: activemq-snapshot-5.12-20150529.223833.txt
>
>
> Since version 5.10, the problem has been caused by broker. It was behaving wrong with
role-based authorization. I have configured right SimpleAuthorization plugin but no luck.
 
> I guess it has problem from -AMQ-5160- 
> Here my test cases on github, please review and let me know if you have any questions:
https://github.com/hongphu8790/activemq/tree/master/mqtt-authorization-test
> Project test-case descriptions:
> - Using debug mode for broker to view detail
> problem.
> - Repeat with pom.xml file 
> + With AMQ 5.9.1 (it will pass all test cases)
> + With AMQ >= 5.10.0 (it will pass only test cases with using publisher have super
permission
> Here my log occurred when the test case failed:
> {code:title=Log debug mode - activemq.log|borderStyle=solid}
> 2015-05-29 10:30:24,746 | DEBUG | AbstractRegion                 | Subscription denied
for TopicSubscription: consumer=ID:XXXXXX-50828-1432870224218-2:2:-1:1, destinations=0, dispatched=0,
delivered=0, matched=0, discarded=0 to destination topic://dcu.id: User publisher is not authorized
to read from: topic://dcu.id
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message