You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@activemq.apache.org by "Lionel Cons (Jira)" <ji...@apache.org> on 2022/03/18 11:58:00 UTC
[jira] [Updated] (AMQ-8548) Unnecessary stack trace in case of security violation
[ https://issues.apache.org/jira/browse/AMQ-8548?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Lionel Cons updated AMQ-8548:
-----------------------------
Description:
In case of security violation with STOMP, we get an unnecessary stack trace:
{code}
2022-03-17T14:46:04.826+0100 [ActiveMQ NIO Worker 31810] WARN Service - Async error occurred
java.lang.SecurityException: User joe is not authorized to write to: queue://foo.bar
at org.apache.activemq.security.AuthorizationBroker.send(AuthorizationBroker.java:221)
at org.apache.activemq.broker.BrokerFilter.send(BrokerFilter.java:154)
at org.apache.activemq.broker.BrokerFilter.send(BrokerFilter.java:154)
at org.apache.activemq.broker.BrokerFilter.send(BrokerFilter.java:154)
at org.apache.activemq.broker.util.TimeStampingBrokerPlugin.send(TimeStampingBrokerPlugin.java:132)
at org.apache.activemq.broker.BrokerFilter.send(BrokerFilter.java:154)
at org.apache.activemq.broker.TransportConnection.processMessage(TransportConnection.java:580)
at org.apache.activemq.command.ActiveMQMessage.visit(ActiveMQMessage.java:769)
at org.apache.activemq.broker.TransportConnection.service(TransportConnection.java:335)
at org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:200)
at org.apache.activemq.transport.MutexTransport.onCommand(MutexTransport.java:45)
at org.apache.activemq.transport.AbstractInactivityMonitor.onCommand(AbstractInactivityMonitor.java:301)
at org.apache.activemq.transport.stomp.StompTransportFilter.sendToActiveMQ(StompTransportFilter.java:97)
at org.apache.activemq.transport.stomp.ProtocolConverter.sendToActiveMQ(ProtocolConverter.java:179)
at org.apache.activemq.transport.stomp.ProtocolConverter.onStompSend(ProtocolConverter.java:347)
at org.apache.activemq.transport.stomp.ProtocolConverter.onStompCommand(ProtocolConverter.java:237)
at org.apache.activemq.transport.stomp.StompTransportFilter.onCommand(StompTransportFilter.java:85)
at org.apache.activemq.transport.TransportSupport.doConsume(TransportSupport.java:83)
at org.apache.activemq.transport.stomp.StompCodec.processCommand(StompCodec.java:133)
at org.apache.activemq.transport.stomp.StompCodec.parse(StompCodec.java:119)
at org.apache.activemq.transport.stomp.StompNIOTransport.processBuffer(StompNIOTransport.java:136)
at org.apache.activemq.transport.stomp.StompNIOTransport.serviceRead(StompNIOTransport.java:121)
at org.apache.activemq.transport.stomp.StompNIOTransport.access$000(StompNIOTransport.java:44)
at org.apache.activemq.transport.stomp.StompNIOTransport$1.onSelect(StompNIOTransport.java:73)
at org.apache.activemq.transport.nio.SelectorSelection.onSelect(SelectorSelection.java:98)
at org.apache.activemq.transport.nio.SelectorWorker$1.run(SelectorWorker.java:123)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
{code}
This is very similar to AMQ-8252.
was:
In case of security violation with STOMP, we get an unnecessary stack trace:
{code}
2022-03-17T14:46:04.826+0100 [ActiveMQ NIO Worker 31810] WARN Service - Async error occurred
java.lang.SecurityException: User xrootdmon is not authorized to write to: queue://xrootd.transfer
at org.apache.activemq.security.AuthorizationBroker.send(AuthorizationBroker.java:221)
at org.apache.activemq.broker.BrokerFilter.send(BrokerFilter.java:154)
at org.apache.activemq.broker.BrokerFilter.send(BrokerFilter.java:154)
at org.apache.activemq.broker.BrokerFilter.send(BrokerFilter.java:154)
at org.apache.activemq.broker.util.TimeStampingBrokerPlugin.send(TimeStampingBrokerPlugin.java:132)
at org.apache.activemq.broker.BrokerFilter.send(BrokerFilter.java:154)
at org.apache.activemq.broker.TransportConnection.processMessage(TransportConnection.java:580)
at org.apache.activemq.command.ActiveMQMessage.visit(ActiveMQMessage.java:769)
at org.apache.activemq.broker.TransportConnection.service(TransportConnection.java:335)
at org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:200)
at org.apache.activemq.transport.MutexTransport.onCommand(MutexTransport.java:45)
at org.apache.activemq.transport.AbstractInactivityMonitor.onCommand(AbstractInactivityMonitor.java:301)
at org.apache.activemq.transport.stomp.StompTransportFilter.sendToActiveMQ(StompTransportFilter.java:97)
at org.apache.activemq.transport.stomp.ProtocolConverter.sendToActiveMQ(ProtocolConverter.java:179)
at org.apache.activemq.transport.stomp.ProtocolConverter.onStompSend(ProtocolConverter.java:347)
at org.apache.activemq.transport.stomp.ProtocolConverter.onStompCommand(ProtocolConverter.java:237)
at org.apache.activemq.transport.stomp.StompTransportFilter.onCommand(StompTransportFilter.java:85)
at org.apache.activemq.transport.TransportSupport.doConsume(TransportSupport.java:83)
at org.apache.activemq.transport.stomp.StompCodec.processCommand(StompCodec.java:133)
at org.apache.activemq.transport.stomp.StompCodec.parse(StompCodec.java:119)
at org.apache.activemq.transport.stomp.StompNIOTransport.processBuffer(StompNIOTransport.java:136)
at org.apache.activemq.transport.stomp.StompNIOTransport.serviceRead(StompNIOTransport.java:121)
at org.apache.activemq.transport.stomp.StompNIOTransport.access$000(StompNIOTransport.java:44)
at org.apache.activemq.transport.stomp.StompNIOTransport$1.onSelect(StompNIOTransport.java:73)
at org.apache.activemq.transport.nio.SelectorSelection.onSelect(SelectorSelection.java:98)
at org.apache.activemq.transport.nio.SelectorWorker$1.run(SelectorWorker.java:123)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
{code}
This is very similar to AMQ-8252.
> Unnecessary stack trace in case of security violation
> -----------------------------------------------------
>
> Key: AMQ-8548
> URL: https://issues.apache.org/jira/browse/AMQ-8548
> Project: ActiveMQ
> Issue Type: Improvement
> Affects Versions: 5.16.4
> Reporter: Lionel Cons
> Priority: Major
>
> In case of security violation with STOMP, we get an unnecessary stack trace:
> {code}
> 2022-03-17T14:46:04.826+0100 [ActiveMQ NIO Worker 31810] WARN Service - Async error occurred
> java.lang.SecurityException: User joe is not authorized to write to: queue://foo.bar
> at org.apache.activemq.security.AuthorizationBroker.send(AuthorizationBroker.java:221)
> at org.apache.activemq.broker.BrokerFilter.send(BrokerFilter.java:154)
> at org.apache.activemq.broker.BrokerFilter.send(BrokerFilter.java:154)
> at org.apache.activemq.broker.BrokerFilter.send(BrokerFilter.java:154)
> at org.apache.activemq.broker.util.TimeStampingBrokerPlugin.send(TimeStampingBrokerPlugin.java:132)
> at org.apache.activemq.broker.BrokerFilter.send(BrokerFilter.java:154)
> at org.apache.activemq.broker.TransportConnection.processMessage(TransportConnection.java:580)
> at org.apache.activemq.command.ActiveMQMessage.visit(ActiveMQMessage.java:769)
> at org.apache.activemq.broker.TransportConnection.service(TransportConnection.java:335)
> at org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:200)
> at org.apache.activemq.transport.MutexTransport.onCommand(MutexTransport.java:45)
> at org.apache.activemq.transport.AbstractInactivityMonitor.onCommand(AbstractInactivityMonitor.java:301)
> at org.apache.activemq.transport.stomp.StompTransportFilter.sendToActiveMQ(StompTransportFilter.java:97)
> at org.apache.activemq.transport.stomp.ProtocolConverter.sendToActiveMQ(ProtocolConverter.java:179)
> at org.apache.activemq.transport.stomp.ProtocolConverter.onStompSend(ProtocolConverter.java:347)
> at org.apache.activemq.transport.stomp.ProtocolConverter.onStompCommand(ProtocolConverter.java:237)
> at org.apache.activemq.transport.stomp.StompTransportFilter.onCommand(StompTransportFilter.java:85)
> at org.apache.activemq.transport.TransportSupport.doConsume(TransportSupport.java:83)
> at org.apache.activemq.transport.stomp.StompCodec.processCommand(StompCodec.java:133)
> at org.apache.activemq.transport.stomp.StompCodec.parse(StompCodec.java:119)
> at org.apache.activemq.transport.stomp.StompNIOTransport.processBuffer(StompNIOTransport.java:136)
> at org.apache.activemq.transport.stomp.StompNIOTransport.serviceRead(StompNIOTransport.java:121)
> at org.apache.activemq.transport.stomp.StompNIOTransport.access$000(StompNIOTransport.java:44)
> at org.apache.activemq.transport.stomp.StompNIOTransport$1.onSelect(StompNIOTransport.java:73)
> at org.apache.activemq.transport.nio.SelectorSelection.onSelect(SelectorSelection.java:98)
> at org.apache.activemq.transport.nio.SelectorWorker$1.run(SelectorWorker.java:123)
> at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
> at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
> at java.lang.Thread.run(Thread.java:748)
> {code}
> This is very similar to AMQ-8252.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)