activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jonas Lim <j...@exist.com>
Subject Re: tempDestinationAuthorizationEntry does not work for consumers
Date Thu, 15 Feb 2007 03:06:11 GMT
Good catch Lorne! 

Added a patch for this issue on the svn trunk r507792. 

https://issues.apache.org/activemq/browse/AMQ-1163

Regards,
Jonas

Lorne Wilson wrote:
> Folks,
>
> I've been trying to use the tempDestinationAuthorizationEntry feature in 4.2
> and I think I've found a problem. If I set up a consumer of the temp queue
> and add it to the read permission, it always reports that I don't have
> permission to read the queue. However, if I add that consumer to the write
> permission on the queue it works like a charm.
>
> Looking at the source I think I have discovered a bulk copy/paste problem.
> If you look at
> org.apache.activemq.security.AuthorizationBroker.addConsumer() in the source
> trunk, you will see this little piece of code a couple of lines from the top
> of the method:
>
>         if(!info.getDestination().isTemporary()) {
>             allowedACLs =
> authorizationMap.getReadACLs(info.getDestination());
>         }else {
>         	allowedACLs = authorizationMap.getTempDestinationWriteACLs();
>         }
>
> Note that it gets the TempDestinationWriteACLs(), even though if we are not
> a temp queue it gets the ReadACLs().  If you look in addProducer() you can
> see a similar piece of code that might be where this copy originated.
>
> I am using what looks to be the latest 4.2 SNAPSHOT (file:
> apache-activemq-4.2-20070214.034812-3.zip).
>
>    lorne
>
>
>
>
>   

Mime
View raw message