You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@activemq.apache.org by "Jean-Baptiste Onofré (Jira)" <ji...@apache.org> on 2019/09/12 13:39:00 UTC

[jira] [Updated] (AMQ-7303) Unnecessary stack trace in case of invalid credentials

     [ https://issues.apache.org/jira/browse/AMQ-7303?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Jean-Baptiste Onofré updated AMQ-7303:
--------------------------------------
    Fix Version/s: 5.15.11
                   5.16.0

> Unnecessary stack trace in case of invalid credentials
> ------------------------------------------------------
>
>                 Key: AMQ-7303
>                 URL: https://issues.apache.org/jira/browse/AMQ-7303
>             Project: ActiveMQ
>          Issue Type: Bug
>    Affects Versions: 5.15.10
>         Environment: ActiveMQ 5.15.10 as standalone broker
>            Reporter: Lionel Cons
>            Assignee: Jean-Baptiste Onofré
>            Priority: Major
>             Fix For: 5.16.0, 5.15.11
>
>
> When connecting via STOMP using invalid credentials, we get a complete stack trace:
> {code}
> 2019-09-10 14:30:16,765 [ActiveMQ NIO Worker 9] WARN Transport - Transport Connection to: tcp://192.168.1.1:50196 failed: java.io.IOException: User name [foo] or password is invalid.
> 2019-09-10 14:43:56,518 [ActiveMQ NIO Worker 9] WARN TransportConnection - Failed to add Connection id=ID:broker.acme.com-24724-1568103966879-1:1005, clientId=ID:broker.acme.com-24724-1568103966879-1:1005 due to {}
> java.lang.SecurityException: User name [foo] or password is invalid.
> 	at org.apache.activemq.security.JaasAuthenticationBroker.authenticate(JaasAuthenticationBroker.java:97)
> 	at org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:68)
> 	at org.apache.activemq.security.JaasDualAuthenticationBroker.addConnection(JaasDualAuthenticationBroker.java:94)
> 	at org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:99)
> 	at org.apache.activemq.plugin.AbstractRuntimeConfigurationBroker.addConnection(AbstractRuntimeConfigurationBroker.java:118)
> 	at org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:99)
> 	at org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:99)
> 	at org.apache.activemq.broker.TransportConnection.processAddConnection(TransportConnection.java:849)
> 	at org.apache.activemq.broker.jmx.ManagedTransportConnection.processAddConnection(ManagedTransportConnection.java:77)
> 	at org.apache.activemq.command.ConnectionInfo.visit(ConnectionInfo.java:139)
> 	at org.apache.activemq.broker.TransportConnection.service(TransportConnection.java:336)
> 	at org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:200)
> 	at org.apache.activemq.transport.MutexTransport.onCommand(MutexTransport.java:45)
> 	at org.apache.activemq.transport.AbstractInactivityMonitor.onCommand(AbstractInactivityMonitor.java:301)
> 	at org.apache.activemq.transport.stomp.StompTransportFilter.sendToActiveMQ(StompTransportFilter.java:97)
> 	at org.apache.activemq.transport.stomp.ProtocolConverter.sendToActiveMQ(ProtocolConverter.java:177)
> 	at org.apache.activemq.transport.stomp.ProtocolConverter.onStompConnect(ProtocolConverter.java:746)
> 	at org.apache.activemq.transport.stomp.ProtocolConverter.onStompCommand(ProtocolConverter.java:240)
> 	at org.apache.activemq.transport.stomp.StompTransportFilter.onCommand(StompTransportFilter.java:85)
> 	at org.apache.activemq.transport.TransportSupport.doConsume(TransportSupport.java:83)
> 	at org.apache.activemq.transport.stomp.StompCodec.processCommand(StompCodec.java:133)
> 	at org.apache.activemq.transport.stomp.StompCodec.parse(StompCodec.java:100)
> 	at org.apache.activemq.transport.stomp.StompNIOTransport.processBuffer(StompNIOTransport.java:136)
> 	at org.apache.activemq.transport.stomp.StompNIOTransport.serviceRead(StompNIOTransport.java:121)
> 	at org.apache.activemq.transport.stomp.StompNIOTransport.access$000(StompNIOTransport.java:44)
> 	at org.apache.activemq.transport.stomp.StompNIOTransport$1.onSelect(StompNIOTransport.java:73)
> 	at org.apache.activemq.transport.nio.SelectorSelection.onSelect(SelectorSelection.java:98)
> 	at org.apache.activemq.transport.nio.SelectorWorker$1.run(SelectorWorker.java:123)
> 	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
> 	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
> 	at java.lang.Thread.run(Thread.java:748)
> Caused by: javax.security.auth.login.FailedLoginException: User does exist
> 	at org.apache.activemq.jaas.PropertiesLoginModule.login(PropertiesLoginModule.java:92)
> 	at sun.reflect.GeneratedMethodAccessor82.invoke(Unknown Source)
> 	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> 	at java.lang.reflect.Method.invoke(Method.java:498)
> 	at javax.security.auth.login.LoginContext.invoke(LoginContext.java:755)
> 	at javax.security.auth.login.LoginContext.access$000(LoginContext.java:195)
> 	at javax.security.auth.login.LoginContext$4.run(LoginContext.java:682)
> 	at javax.security.auth.login.LoginContext$4.run(LoginContext.java:680)
> 	at java.security.AccessController.doPrivileged(Native Method)
> 	at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
> 	at javax.security.auth.login.LoginContext.login(LoginContext.java:587)
> 	at org.apache.activemq.security.JaasAuthenticationBroker.authenticate(JaasAuthenticationBroker.java:92)
> 	... 30 more
> {code}
> A single line should be reported, not the full stack trace.



--
This message was sent by Atlassian Jira
(v8.3.2#803003)