activemq-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <>
Subject [jira] [Commented] (ARTEMIS-1122) ActiveMQJAASSecurityManager class loading issue
Date Mon, 24 Apr 2017 15:08:04 GMT


ASF GitHub Bot commented on ARTEMIS-1122:

Github user asfgit closed the pull request at:

> ActiveMQJAASSecurityManager class loading issue
> -----------------------------------------------
>                 Key: ARTEMIS-1122
>                 URL:
>             Project: ActiveMQ Artemis
>          Issue Type: Bug
>          Components: Broker
>    Affects Versions: 2.0.0
>            Reporter: Howard Gao
>            Assignee: Howard Gao
>             Fix For:
> The ActiveMQJAASSecurityManager class uses LoginContext to validate users and roles.
LoginContext loads LoginModule classes defined in the configuration (login.config) using current
thread's context classloader.
> Normally this wouldn't be a problem but when a caller thread comes from JMX (for example
a client calls QueueControl.sendMessage() via JMX) the caller thread has a different context
class loader. This will cause the LoginContext fails to load the LoginModule class (e.g.
and the validation will fail even correct credentials are supplied.

This message was sent by Atlassian JIRA

View raw message