Return-Path: Delivered-To: apmail-activemq-users-archive@www.apache.org Received: (qmail 43802 invoked from network); 27 May 2008 12:18:32 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 27 May 2008 12:18:32 -0000 Received: (qmail 51832 invoked by uid 500); 27 May 2008 12:18:32 -0000 Delivered-To: apmail-activemq-users-archive@activemq.apache.org Received: (qmail 51808 invoked by uid 500); 27 May 2008 12:18:32 -0000 Mailing-List: contact users-help@activemq.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: users@activemq.apache.org Delivered-To: mailing list users@activemq.apache.org Received: (qmail 51791 invoked by uid 99); 27 May 2008 12:18:32 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 27 May 2008 05:18:32 -0700 X-ASF-Spam-Status: No, hits=2.0 required=10.0 tests=HTML_MESSAGE,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of chubrilo@gmail.com designates 66.249.92.170 as permitted sender) Received: from [66.249.92.170] (HELO ug-out-1314.google.com) (66.249.92.170) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 27 May 2008 12:17:44 +0000 Received: by ug-out-1314.google.com with SMTP id u2so454660uge.5 for ; Tue, 27 May 2008 05:17:59 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:sender:to:subject:in-reply-to:mime-version:content-type:references:x-google-sender-auth; bh=05J3uWKiKr8t3t5Jeh1mKeSoO0R8laWd3vz7XRpCxf8=; b=gG3sw4BuXhtQu92fDaoY88EXJi8xFtLgpuU0DaeQVSuj7DvvUMmZN4GNDLOkJPAdXn6IHLOt4OEEfu6Wole55mfWJjoOjpm3ADtxOByQ8en2tt9URlqacCCtpmRbgpsWlxvSKL7+ELNMtuSBSenYOPU52kKcFbiZmSFiXb8eM2U= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:sender:to:subject:in-reply-to:mime-version:content-type:references:x-google-sender-auth; b=js3B5B6LGCqnkaKqJaNeR/Ytat3mXXq31Xtv/9jtXPsc6ewLJRcvhwXLAdQ58SOL6xiFcS0TPdVL2d7V5BxSozShuAP+TNNniD5RNmhEz+L9CBNVmCeTAX1pzowHro9jT2nLpcNKZ3yU+R9TG2dpeJpGJWpvciR+LB4s0+PidUg= Received: by 10.66.224.19 with SMTP id w19mr3848324ugg.58.1211890677935; Tue, 27 May 2008 05:17:57 -0700 (PDT) Received: by 10.66.237.3 with HTTP; Tue, 27 May 2008 05:17:57 -0700 (PDT) Message-ID: <36e91d9d0805270517h7017846cx38ef095839b156c4@mail.gmail.com> Date: Tue, 27 May 2008 14:17:57 +0200 From: "Dejan Bosanac" Sender: chubrilo@gmail.com To: users@activemq.apache.org Subject: Re: Secutiry and Predefined Destinations In-Reply-To: MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_17345_24728814.1211890677882" References: <17370190.post@talk.nabble.com> <17432647.post@talk.nabble.com> <17440643.post@talk.nabble.com> X-Google-Sender-Auth: 89a34581c53307f2 X-Virus-Checked: Checked by ClamAV on apache.org ------=_Part_17345_24728814.1211890677882 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline I've created Jira issue and attached a patch with test case and a simple solution. Basically, AuthorizationBroker now checks whether destination exists before it tries to authorize user and create it. All other security tests are green, so I guess it should do the trick. Cheers -- Dejan Bosanac www.scriptinginjava.net ------=_Part_17345_24728814.1211890677882--