Posted to dev@qpid.apache.org by "Gordon Sim (JIRA)" <qp...@incubator.apache.org> on 2010/05/06 11:30:47 UTC

[jira] Created: (QPID-2570) Broker uses NotAllowedException for ACL violations, should use UnauthorisedAccessException

Broker uses NotAllowedException for ACL violations, should use UnauthorisedAccessException
------------------------------------------------------------------------------------------

                 Key: QPID-2570
                 URL: https://issues.apache.org/jira/browse/QPID-2570
             Project: Qpid
          Issue Type: Bug
          Components: C++ Broker
    Affects Versions: 0.6
            Reporter: Gordon Sim
            Assignee: Gordon Sim
             Fix For: 0.7


The broker uses NotAllowedException[1] in most places when authorisation fails. This seems wrong to me as NotAllowedException is used for specific types of invalid command requests (e.g. declaring an existing exchange with a different type, or trying to create exchanges with prohibited prefixes). As it stands it is not possible to reliably distinguish between these two very different situations in code.

A more appropriate exception for authorisation failures would be UnauthorisedAccessException[2] which is only used in one place (when a message is sent with a userid that differs from the authenticated id).

Obviously this breaks backwards compatibility to a degree, but I think in this case it is justified. At worst it would require applications to reconsider catching UnauthorizedAccessException wherever they are currently explicitly catching NotAllowedException.

[1] Described in specification as indicating: "The peer tried to use a command a manner that is inconsistent with the rules described in the specification."

[2] Described in specification as indicating: "The client attempted to work with a server entity to which it has no access due to security settings."


-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project:      http://qpid.apache.org
Use/Interact: mailto:dev-subscribe@qpid.apache.org


[jira] Resolved: (QPID-2570) Broker uses NotAllowedException for ACL violations, should use UnauthorisedAccessException

Posted by "Gordon Sim (JIRA)" <qp...@incubator.apache.org>.
     [ https://issues.apache.org/jira/browse/QPID-2570?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Gordon Sim resolved QPID-2570.
------------------------------

    Resolution: Fixed

Resolved by r941636.
