You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@activemq.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2018/01/23 09:10:00 UTC

[jira] [Commented] (ARTEMIS-1629) In ActiveMQSecurityManager3#validateUser calling remoteConnection.getClientID() returns null

    [ https://issues.apache.org/jira/browse/ARTEMIS-1629?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16335539#comment-16335539 ] 

ASF GitHub Bot commented on ARTEMIS-1629:
-----------------------------------------

GitHub user jostbg opened a pull request:

    https://github.com/apache/activemq-artemis/pull/1806

    [ARTEMIS-1629] Set connection.clientID before executing ...

    connection#validateUser

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/jostbg/activemq-artemis ARTEMIS-1629

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/activemq-artemis/pull/1806.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #1806
    
----
commit 7b92bbef1c708671a87cc97ec6501f8b72d6601c
Author: Johan Stenberg <35...@...>
Date:   2018-01-23T09:09:02Z

    [ARTEMIS-1629] Set connection.clientID before executing connection#validateUser

----


> In ActiveMQSecurityManager3#validateUser calling remoteConnection.getClientID() returns null
> --------------------------------------------------------------------------------------------
>
>                 Key: ARTEMIS-1629
>                 URL: https://issues.apache.org/jira/browse/ARTEMIS-1629
>             Project: ActiveMQ Artemis
>          Issue Type: Bug
>          Components: STOMP
>    Affects Versions: 2.4.0
>         Environment: Artemis 2.5.0-SNAPSHOT
>            Reporter: Johan Stenberg
>            Assignee: Justin Bertram
>            Priority: Major
>
> We are using a custom security manager in our setup. Opposite to other protocols (e.g. AMQP), executing *remotingConnection.getClientID()* returns null for StompConnections when accessed from within ActiveMQSecurityManager3#validateUser(String, String, RemotingConnection).
> We however already need to know the client at this time as we perform certain validations/on-the-fly configurations based on the value.
> The issue would be solved if the statement *connection.setClientID(clientID);* from [https://github.com/apache/activemq-artemis/blob/master/artemis-protocols/artemis-stomp-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/stomp/v10/StompFrameHandlerV10.java#L56] would be moved two lines up before *if (connection.validateUser(login, passcode, connection)) {*
>  



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)