You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@activemq.apache.org by "Justin Bertram (Jira)" <ji...@apache.org> on 2021/02/08 15:51:00 UTC
[jira] [Resolved] (ARTEMIS-2959) Validate against cluster user name
uniqueness
[ https://issues.apache.org/jira/browse/ARTEMIS-2959?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Justin Bertram resolved ARTEMIS-2959.
-------------------------------------
Fix Version/s: (was: 2.17.0)
Resolution: Won't Do
Given that security is pluggable (e.g. via customer SecurityManager implementations as well as customer JAAS login modules) I don't see how the broker can reliably detect whether or not the {{cluster-user}} exists in the security repository.
> Validate against cluster user name uniqueness
> ---------------------------------------------
>
> Key: ARTEMIS-2959
> URL: https://issues.apache.org/jira/browse/ARTEMIS-2959
> Project: ActiveMQ Artemis
> Issue Type: Bug
> Components: Broker
> Affects Versions: 2.15.0
> Reporter: Howard Gao
> Priority: Minor
>
> The broker has a special cluster user and cluster password and when doing
> authentication it always check the cluster user first.
> If user configures a cluster user name that is the same as one of it's
> normal users, the broker always authenticate that normal user
> against the cluster password which is not right and probably failed
> authentication as the cluster password usually not the same as
> the normal user's password.
> To avoid such a case the broker should check the configuration
> during startup and if the cluster user name collides with a normal
> user name, it should report as an error.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)