activemq-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (ARTEMIS-1545) JMS MessageProducer fails to expose exception on send when message is sent non-persistent, but not authorised
Date Mon, 18 Dec 2017 13:50:00 GMT

    [ https://issues.apache.org/jira/browse/ARTEMIS-1545?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16295007#comment-16295007
] 

ASF GitHub Bot commented on ARTEMIS-1545:
-----------------------------------------

Github user mtaylor commented on the issue:

    https://github.com/apache/activemq-artemis/pull/1722
  
    1. Should be fine.  Just add an if when you're decoding to check that there's data on
the buffer when you're decoding.  If yes, try to decode the rest, if not then set the defaults.
 I've done this a lot in the past with journal records, I can't see an issue with doing on
it with Packets either.  @clebertsuconic Can you see a problem with this?


> JMS MessageProducer fails to expose exception on send when message is sent non-persistent,
but not authorised
> -------------------------------------------------------------------------------------------------------------
>
>                 Key: ARTEMIS-1545
>                 URL: https://issues.apache.org/jira/browse/ARTEMIS-1545
>             Project: ActiveMQ Artemis
>          Issue Type: Bug
>            Reporter: Michael Andre Pearce
>
> When sending persistent, behaviour is blocking and a Security exception is thrown. The
same behaviour that the client is exposed to the client when sending non-persistent, so that
a client could log or take action asynchronously. 
> This can be recreated easily by the following:
> Add the following security section , that means guest is not auth'd to send to "guest.cannot.send"
> activemq-artemis/tests/jms-tests/src/test/resources/broker.xml
>  <security-setting match="guest.cannot.send">
>                <permission type="createDurableQueue" roles="guest,def"/>
>                <permission type="deleteDurableQueue" roles="guest,def"/>
>                <permission type="createNonDurableQueue" roles="guest,def"/>
>                <permission type="deleteNonDurableQueue" roles="guest,def"/>
>                <permission type="consume" roles="guest,def"/>
>                <permission type="browse" roles="guest,def"/>
>                <permission type="send" roles="def"/>
>            </security-setting>
> Then add the following tests to this test (first is proving exception correctly is thrown
when persistent is sent using jms api, and second shows behaviour difference and no error):
> activemq-artemis/tests/jms-tests/src/test/java/org/apache/activemq/artemis/jms/tests/SecurityTest.java
>   /**
>     * Login with valid user and password
>     * But try send to address not authorised - Persistent
>     * Should not allow and should throw exception
>     */
>    @Test
>    public void testLoginValidUserAndPasswordButNotAuthorisedToSend() throws Exception
{
>       ConnectionFactory connectionFactory = new ActiveMQConnectionFactory("tcp://localhost:61616");
>       Connection connection = connectionFactory.createConnection("guest", "guest");
>       Session session = connection.createSession();
>       Destination destination = session.createQueue("guest.cannot.send");
>       MessageProducer messageProducer = session.createProducer(destination);
>       try {
>          messageProducer.send(session.createTextMessage("hello"));
>          fail("JMSSecurityException expected as guest is not allowed to send");
>       } catch (JMSSecurityException activeMQSecurityException){
>          //pass
>       }
>       connection.close();
>    }
>    /**
>     * Login with valid user and password
>     * But try send to address not authorised - Non Persistent.
>     * Should have same behaviour as Persistent with exception on send.
>     */
>    @Test
>    public void testLoginValidUserAndPasswordButNotAuthorisedToSendNonPersistent() throws
Exception {
>       ConnectionFactory connectionFactory = new ActiveMQConnectionFactory("tcp://localhost:61616");
>       Connection connection = connectionFactory.createConnection("guest", "guest");
>       Session session = connection.createSession();
>       Destination destination = session.createQueue("guest.cannot.send");
>       MessageProducer messageProducer = session.createProducer(destination);
>       messageProducer.setDeliveryMode(DeliveryMode.NON_PERSISTENT);
>       try {
>          messageProducer.send(session.createTextMessage("hello"));
>          fail("JMSSecurityException expected as guest is not allowed to send");
>       } catch (JMSSecurityException activeMQSecurityException){
>          //pass
>       }
>       connection.close();
>    }



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message