You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@qpid.apache.org by "JAkub Scholz (JIRA)" <ji...@apache.org> on 2012/12/21 13:57:12 UTC
[jira] [Commented] (QPID-4520) The deletion of autodelete queue
requires ACL rights for deleting the queue
[ https://issues.apache.org/jira/browse/QPID-4520?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13537834#comment-13537834 ]
JAkub Scholz commented on QPID-4520:
------------------------------------
>From the technical point of view, the method unregisterSubscription of AMQSimpleQueue is calling the delete() method for deleting the queue. The delete() method is called from many other places which include the ACL validation. Therefore it does the validation. I see two possible solutions:
1) split the method into two methods - "realDelete" method which would do the queue deletions and the "delete" method which will do the authorization and call the realDelete. The methods like unregisterSubscription can then call the "realDelete" directly, while the methods requiring the authorization would continue to call the "delete" method.
2) Add an option "skipAuthorization" to the existing delete() method. By default, this option will be set to false, but when calling the delete() from unregisterSubscription(...), it can be called with skipping the authorization.
*Please let me know whether you agree with skipping the authorization when autodeleting queues and eventually which fix would you prefer and I can try to prepare some patch.*
> The deletion of autodelete queue requires ACL rights for deleting the queue
> ---------------------------------------------------------------------------
>
> Key: QPID-4520
> URL: https://issues.apache.org/jira/browse/QPID-4520
> Project: Qpid
> Issue Type: Bug
> Components: Java Broker
> Affects Versions: 0.21
> Environment: Java broker (trunk) / Java 1.6 / RHEL 6.3
> Reporter: JAkub Scholz
> Priority: Minor
>
> When a user creates an autodelete queue, it should be deleted when the last user disconnects from the queue. This seems to work fine in general. But in some specific situations, the autodelete queue isn't deleted. As an example, following scenario causes problems:
> 1) Enable ACL
> 2) Add user account the right to create the queue as autodelete queue in ACL file. Do not give the user the right to delete the queue.
> 3) Connect with the user and create the queue
> 4) Disconnect the user
> 5) The broker attempts to delete the queue, but fails because the user doesn't have the ACL rights to delete the queue
> 6) The queue remains in the system
> This scenario is a bit artificial, because it can be seen as mis-configuration (i.e. giving the possibility to create the queue and not to delete the queue). But I can imagine a situation when one user creates the queue as autodelete and other users connect to this queue to read from it. The other users might not be supposed to delete the queue under normal circumstances, the queeu should just get deleted after the last user disconnects.
> *In my opinion, the autodeletion should be preferred against the ACL rights.*
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org