You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@activemq.apache.org by "André Hurschler (Jira)" <ji...@apache.org> on 2021/11/16 22:59:00 UTC
[jira] [Created] (ARTEMIS-3582) random AMQ222216: Security problem while authenticating: AMQ229031: Unable to validate user from /172.27.48.12:49550. Username: lot-sfmsri.fenmqprd; SSL certificate subject DN: unavailable
André Hurschler created ARTEMIS-3582:
----------------------------------------
Summary: random AMQ222216: Security problem while authenticating: AMQ229031: Unable to validate user from /172.27.48.12:49550. Username: lot-sfmsri.fenmqprd; SSL certificate subject DN: unavailable
Key: ARTEMIS-3582
URL: https://issues.apache.org/jira/browse/ARTEMIS-3582
Project: ActiveMQ Artemis
Issue Type: Bug
Components: Broker
Affects Versions: 2.19.0
Reporter: André Hurschler
With different random users we get the following error message:
AMQ222216: Security problem while authenticating: AMQ229031: Unable to validate user from /172.27.48.12:49550. Username: lot-sfmsri.fenmqprd; SSL certificate subject DN: unavailable
16.11.21 23:05:03,150
2021-11-16 23:05:03,150 WARN [org.apache.activemq.artemis.core.client] AMQ212037: Connection failure to /172.27.48.12:49478 has been detected: User name [lot-sfmsri.fenmqprd] or password is invalid. [code=GENERIC_EXCEPTION]
component = org.apache.activemq.artemis.core.clienthost = fenacosrv43113log_level = WARNsource = /amq_prd/log/artemis.log
After a restart of the Broker other Users have the same Problem.
We use an ActiveDirectory as the LDAP directory
activemq {
/*
org.apache.activemq.artemis.spi.core.security.jaas.PropertiesLoginModule sufficient
debug=false
reload=true
org.apache.activemq.jaas.properties.user="artemis-users.properties"
org.apache.activemq.jaas.properties.role="artemis-roles.properties";
org.apache.activemq.artemis.spi.core.security.jaas.GuestLoginModule sufficient
debug=false
org.apache.activemq.jaas.guest.user="admin"
org.apache.activemq.jaas.guest.role="amq";
*/
org.apache.activemq.artemis.spi.core.security.jaas.LDAPLoginModule sufficient
debug=true
initialContextFactory="com.sun.jndi.ldap.LdapCtxFactory"
/*
connectionURL - specify the location of the directory server using an ldap URL, ldap://Host:Port.
You can optionally qualify this URL, by adding a forward slash, /, followed by the DN of a particular node in the directory tree.
For example, ldap://ldapserver:10389/ou=system.
*/
/*
connectionURL="ldap://main.corp.fenaco.com:389/"
*/
connectionURL="ldap://ad-ldap-rzsur.main.corp.fenaco.com:389/"
/*
authentication - specifies the authentication method used when binding to the LDAP server. Can take either of the values,
- simple (username and password),
- GSSAPI (Kerberos SASL) or
- none (anonymous)
*/
authentication="simple"
--
This message was sent by Atlassian Jira
(v8.20.1#820001)