You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@activemq.apache.org by "Justin Bertram (JIRA)" <ji...@apache.org> on 2018/04/05 23:12:00 UTC
[jira] [Updated] (ARTEMIS-1629) Set clientID on STOMP connections
before authentication
[ https://issues.apache.org/jira/browse/ARTEMIS-1629?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Justin Bertram updated ARTEMIS-1629:
------------------------------------
Summary: Set clientID on STOMP connections before authentication (was: In ActiveMQSecurityManager3#validateUser calling remoteConnection.getClientID() returns null)
> Set clientID on STOMP connections before authentication
> -------------------------------------------------------
>
> Key: ARTEMIS-1629
> URL: https://issues.apache.org/jira/browse/ARTEMIS-1629
> Project: ActiveMQ Artemis
> Issue Type: Bug
> Components: STOMP
> Affects Versions: 2.4.0
> Environment: Artemis 2.5.0-SNAPSHOT
> Reporter: Johan Stenberg
> Assignee: Justin Bertram
> Priority: Major
> Fix For: 2.5.0
>
> Attachments: Artemis1629Test.java
>
>
> We are using a custom security manager in our setup. Opposite to other protocols (e.g. AMQP), executing *remotingConnection.getClientID()* returns null for StompConnections when accessed from within ActiveMQSecurityManager3#validateUser(String, String, RemotingConnection).
> We however already need to know the client at this time as we perform certain validations/on-the-fly configurations based on the value.
> The issue would be solved if the statement *connection.setClientID(clientID);* from [https://github.com/apache/activemq-artemis/blob/master/artemis-protocols/artemis-stomp-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/stomp/v10/StompFrameHandlerV10.java#L56] would be moved two lines up before *if (connection.validateUser(login, passcode, connection)) {*
>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)