You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@activemq.apache.org by jb...@apache.org on 2022/07/20 16:36:35 UTC
[activemq-artemis] branch main updated: ARTEMIS-3892 fix tests, add docs
This is an automated email from the ASF dual-hosted git repository.
jbertram pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/activemq-artemis.git
The following commit(s) were added to refs/heads/main by this push:
new a2262612ca ARTEMIS-3892 fix tests, add docs
a2262612ca is described below
commit a2262612ca5169a4e4c07454ba3f09012e02cada
Author: Justin Bertram <jb...@apache.org>
AuthorDate: Wed Jul 20 11:35:15 2022 -0500
ARTEMIS-3892 fix tests, add docs
---
.../core/server/impl/ServerSessionImpl.java | 6 ++++-
docs/user-manual/en/versions.md | 26 +++++++++++++++++-----
.../management/ActiveMQServerControlTest.java | 2 +-
3 files changed, 26 insertions(+), 8 deletions(-)
diff --git a/artemis-server/src/main/java/org/apache/activemq/artemis/core/server/impl/ServerSessionImpl.java b/artemis-server/src/main/java/org/apache/activemq/artemis/core/server/impl/ServerSessionImpl.java
index eefb0c2c8f..5057d362e1 100644
--- a/artemis-server/src/main/java/org/apache/activemq/artemis/core/server/impl/ServerSessionImpl.java
+++ b/artemis-server/src/main/java/org/apache/activemq/artemis/core/server/impl/ServerSessionImpl.java
@@ -1996,7 +1996,11 @@ public class ServerSessionImpl implements ServerSession, FailureListener {
@Override
public String getValidatedUser() {
- return validatedUser;
+ /*
+ * Security is often disabled in tests so if the validated user is null
+ * then just return the username supplied directly from the client.
+ */
+ return validatedUser != null ? validatedUser : username;
}
@Override
diff --git a/docs/user-manual/en/versions.md b/docs/user-manual/en/versions.md
index 63e18252b8..69a5dbd4e3 100644
--- a/docs/user-manual/en/versions.md
+++ b/docs/user-manual/en/versions.md
@@ -16,12 +16,26 @@ Highlights:
#### Upgrading from older versions
-Due to [ARTEMIS-3851](https://issues.apache.org/jira/browse/ARTEMIS-3851) the queue
-created for an MQTT 3.x subscriber using `CleanSession=1` is now **non-durable**
-rather than durable. This may impact `security-settings` for MQTT clients which
-previously only had `createDurableQueue` for their role. They will now need
-`createNonDurableQueue` as well. Again, this only has potential impact for MQTT 3.x
-clients using `CleanSession=1`.
+ 1. Due to [ARTEMIS-3851](https://issues.apache.org/jira/browse/ARTEMIS-3851)
+ the queue created for an MQTT 3.x subscriber using `CleanSession=1` is now
+ **non-durable** rather than durable. This may impact `security-settings`
+ for MQTT clients which previously only had `createDurableQueue` for their
+ role. They will now need `createNonDurableQueue` as well. Again, this only
+ has potential impact for MQTT 3.x clients using `CleanSession=1`.
+ 2. Due to [ARTEMIS-3892](https://issues.apache.org/jira/browse/ARTEMIS-3892)
+ the username assigned to queues will be based on the **validated** user
+ rather than just the username submitted by the client application. This
+ will impact use-cases like the following:
+ 1. When `login.config` is configured with the [`GuestLoginModule`](security.md#guestloginmodule)
+ which causes some users to be assigned a specific username and role
+ during the authentication process.
+ 2. When `login.config` is configured with the [`CertificateLoginModule`](security.md#certificateloginmodule)
+ which causes users to be assigned a username and role corresponding to
+ the subject DN from their SSL certificate.
+
+ In these kinds of situations the broker will use this assigned (i.e.
+ validated) username for any queues created with the connection. In the past
+ the queue's username would have been left blank.
## 2.23.1
[Full release notes](https://issues.apache.org/jira/secure/ReleaseNote.jspa?version=12351846&projectId=12315920)
diff --git a/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/management/ActiveMQServerControlTest.java b/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/management/ActiveMQServerControlTest.java
index f274e2aa77..592aa5fb2a 100644
--- a/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/management/ActiveMQServerControlTest.java
+++ b/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/management/ActiveMQServerControlTest.java
@@ -2929,7 +2929,7 @@ public class ActiveMQServerControlTest extends ManagementTestBase {
Assert.assertNotEquals("consumerCount", "", array.getJsonObject(0).getString("consumerCount"));
Assert.assertEquals("maxConsumers", "-1", array.getJsonObject(0).getString("maxConsumers"));
Assert.assertEquals("autoCreated", "false", array.getJsonObject(0).getString("autoCreated"));
- Assert.assertEquals("user", "", array.getJsonObject(0).getString("user"));
+ Assert.assertEquals("user", "guest", array.getJsonObject(0).getString("user"));
Assert.assertNotEquals("routingType", "", array.getJsonObject(0).getString("routingType"));
Assert.assertEquals("messagesAdded", "0", array.getJsonObject(0).getString("messagesAdded"));
Assert.assertEquals("messageCount", "0", array.getJsonObject(0).getString("messageCount"));