Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id D19F6200D5F for ; Mon, 18 Dec 2017 12:09:04 +0100 (CET) Received: by cust-asf.ponee.io (Postfix) id D01EA160C29; Mon, 18 Dec 2017 11:09:04 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id F061B160BF9 for ; Mon, 18 Dec 2017 12:09:03 +0100 (CET) Received: (qmail 21662 invoked by uid 500); 18 Dec 2017 11:09:03 -0000 Mailing-List: contact issues-help@activemq.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@activemq.apache.org Delivered-To: mailing list issues@activemq.apache.org Received: (qmail 21653 invoked by uid 99); 18 Dec 2017 11:09:03 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd3-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 18 Dec 2017 11:09:03 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd3-us-west.apache.org (ASF Mail Server at spamd3-us-west.apache.org) with ESMTP id B7DDC1808B7 for ; Mon, 18 Dec 2017 11:09:02 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd3-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: -99.202 X-Spam-Level: X-Spam-Status: No, score=-99.202 tagged_above=-999 required=6.31 tests=[KAM_ASCII_DIVIDERS=0.8, RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, USER_IN_WHITELIST=-100] autolearn=disabled Received: from mx1-lw-us.apache.org ([10.40.0.8]) by localhost (spamd3-us-west.apache.org [10.40.0.10]) (amavisd-new, port 10024) with ESMTP id eqKD-HQgUEZD for ; Mon, 18 Dec 2017 11:09:01 +0000 (UTC) Received: from mailrelay1-us-west.apache.org (mailrelay1-us-west.apache.org [209.188.14.139]) by mx1-lw-us.apache.org (ASF Mail Server at mx1-lw-us.apache.org) with ESMTP id 3254D5F5C6 for ; Mon, 18 Dec 2017 11:09:01 +0000 (UTC) Received: from jira-lw-us.apache.org (unknown [207.244.88.139]) by mailrelay1-us-west.apache.org (ASF Mail Server at mailrelay1-us-west.apache.org) with ESMTP id A62DCE0026 for ; Mon, 18 Dec 2017 11:09:00 +0000 (UTC) Received: from jira-lw-us.apache.org (localhost [127.0.0.1]) by jira-lw-us.apache.org (ASF Mail Server at jira-lw-us.apache.org) with ESMTP id 6756D212F7 for ; Mon, 18 Dec 2017 11:09:00 +0000 (UTC) Date: Mon, 18 Dec 2017 11:09:00 +0000 (UTC) From: "ASF GitHub Bot (JIRA)" To: issues@activemq.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Commented] (ARTEMIS-1545) JMS MessageProducer fails to expose exception on send when message is sent non-persistent, but not authorised MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 archived-at: Mon, 18 Dec 2017 11:09:05 -0000 [ https://issues.apache.org/jira/browse/ARTEMIS-1545?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16294816#comment-16294816 ] ASF GitHub Bot commented on ARTEMIS-1545: ----------------------------------------- Github user mtaylor commented on the issue: https://github.com/apache/activemq-artemis/pull/1722 @michaelandrepearce In general I think this looks good. The only thing I am not seeing here is backwards compat between the new client and an old server. There are two ways you can easily handle this: 1. Instead of creating new SessionSend V2 Packets, you can just extend the old one and add the extra bits at the end of the buffer. This would mean the old server can still decode the message. (It would just ignore the last couple bytes). 2. Check to see if the server version >= 130 and create the appropriate packets. @clebertsuconic has just ported/extended a backwards compat framework in another PR. Once this is merged you should be able to easily test for this. > JMS MessageProducer fails to expose exception on send when message is sent non-persistent, but not authorised > ------------------------------------------------------------------------------------------------------------- > > Key: ARTEMIS-1545 > URL: https://issues.apache.org/jira/browse/ARTEMIS-1545 > Project: ActiveMQ Artemis > Issue Type: Bug > Reporter: Michael Andre Pearce > > When sending persistent, behaviour is blocking and a Security exception is thrown. The same behaviour that the client is exposed to the client when sending non-persistent, so that a client could log or take action asynchronously. > This can be recreated easily by the following: > Add the following security section , that means guest is not auth'd to send to "guest.cannot.send" > activemq-artemis/tests/jms-tests/src/test/resources/broker.xml > > > > > > > > > > Then add the following tests to this test (first is proving exception correctly is thrown when persistent is sent using jms api, and second shows behaviour difference and no error): > activemq-artemis/tests/jms-tests/src/test/java/org/apache/activemq/artemis/jms/tests/SecurityTest.java > /** > * Login with valid user and password > * But try send to address not authorised - Persistent > * Should not allow and should throw exception > */ > @Test > public void testLoginValidUserAndPasswordButNotAuthorisedToSend() throws Exception { > ConnectionFactory connectionFactory = new ActiveMQConnectionFactory("tcp://localhost:61616"); > Connection connection = connectionFactory.createConnection("guest", "guest"); > Session session = connection.createSession(); > Destination destination = session.createQueue("guest.cannot.send"); > MessageProducer messageProducer = session.createProducer(destination); > try { > messageProducer.send(session.createTextMessage("hello")); > fail("JMSSecurityException expected as guest is not allowed to send"); > } catch (JMSSecurityException activeMQSecurityException){ > //pass > } > connection.close(); > } > /** > * Login with valid user and password > * But try send to address not authorised - Non Persistent. > * Should have same behaviour as Persistent with exception on send. > */ > @Test > public void testLoginValidUserAndPasswordButNotAuthorisedToSendNonPersistent() throws Exception { > ConnectionFactory connectionFactory = new ActiveMQConnectionFactory("tcp://localhost:61616"); > Connection connection = connectionFactory.createConnection("guest", "guest"); > Session session = connection.createSession(); > Destination destination = session.createQueue("guest.cannot.send"); > MessageProducer messageProducer = session.createProducer(destination); > messageProducer.setDeliveryMode(DeliveryMode.NON_PERSISTENT); > try { > messageProducer.send(session.createTextMessage("hello")); > fail("JMSSecurityException expected as guest is not allowed to send"); > } catch (JMSSecurityException activeMQSecurityException){ > //pass > } > connection.close(); > } -- This message was sent by Atlassian JIRA (v6.4.14#64029)