You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@activemq.apache.org by "ASF GitHub Bot (Jira)" <ji...@apache.org> on 2021/03/22 20:03:00 UTC

[jira] [Work logged] (ARTEMIS-3150) wrong username in error message for AMQP connections

     [ https://issues.apache.org/jira/browse/ARTEMIS-3150?focusedWorklogId=570001&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-570001 ]

ASF GitHub Bot logged work on ARTEMIS-3150:
-------------------------------------------

                Author: ASF GitHub Bot
            Created on: 22/Mar/21 20:02
            Start Date: 22/Mar/21 20:02
    Worklog Time Spent: 10m 
      Work Description: clebertsuconic opened a new pull request #3510:
URL: https://github.com/apache/activemq-artemis/pull/3510


   The local connections and sessions created internally were supposed to bypass security
   just like bridges and other internal components


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


Issue Time Tracking
-------------------

            Worklog Id:     (was: 570001)
    Remaining Estimate: 0h
            Time Spent: 10m

> wrong username in error message for AMQP connections
> ----------------------------------------------------
>
>                 Key: ARTEMIS-3150
>                 URL: https://issues.apache.org/jira/browse/ARTEMIS-3150
>             Project: ActiveMQ Artemis
>          Issue Type: Bug
>          Components: Broker
>    Affects Versions: 2.17.0
>            Reporter: Erwin Dondorp
>            Priority: Minor
>         Attachments: A.log, B.log, brokerA.xml, brokerB.xml, login.config
>
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> I'm connecting independent brokers A and B using the {{broker-connections}} mechanism. A connects to B.
> Using URI, NAME, USER and PASSWORD attributes. The password is wrong on purpose.
> On the A side, the error message is:
> {noformat}
> AMQ222216: Security problem while authenticating: AMQ229031: Unable to validate user from B/192.168.208.3:5672. Username: null; SSL certificate subject DN: unavailable
> {noformat}
> which btw is immediately shown also as an exception:
> {noformat}
> AMQ229031: Unable to validate user from shore01/192.168.208.3:5672. Username: null; SSL certificate subject DN: unavailable: ActiveMQSecurityException[errorType=SECURITY_EXCEPTION message=AMQ229031: Unable to validate user from B/192.168.208.3:5672. Username: null; SSL certificate subject DN: unavailable]
> {noformat}
> both the message and the exception show {{Username: null}}, which is not the given username.
> On the B side, the error message is:
> {noformat}
> AMQ222216: Security problem while authenticating: AMQ229031: Unable to validate user from /192.168.208.2:38180. Username: UUUU; SSL certificate subject DN: unavailable
> {noformat}
> this message shows the correct username.
> So the error message that gets returned from B to A is not the same and has less useful information.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)