You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@activemq.apache.org by "Brandon Stradling (Jira)" <ji...@apache.org> on 2022/11/10 18:23:00 UTC

[jira] [Created] (ARTEMIS-4090) Artemis Web Console Does Not Use User Cert on sendMessage

Brandon Stradling created ARTEMIS-4090:
------------------------------------------

             Summary: Artemis Web Console Does Not Use User Cert on sendMessage
                 Key: ARTEMIS-4090
                 URL: https://issues.apache.org/jira/browse/ARTEMIS-4090
             Project: ActiveMQ Artemis
          Issue Type: Bug
            Reporter: Brandon Stradling


After configuring Artemis ActiveMQ Web console to use certs to authenticate users, attempting to send a message from the console results in error.

 

Web Console Error: "Could not send message: java.lang.IllegalStateException : AMQ229031: Unable to validate user from Management. Username: public; SSL certificate subject DN: unavailable"

 

Receiving exception that certs[] is null from:

         throw new LoginException("Client certificates not found. Cannot authenticate.");

[https://github.com/apache/activemq-artemis/blob/5ebaebdfa3830f9ac075137aefb77d78f2d8bc7a/artemis-server/src/main/java/org/apache/activemq/artemis/spi/core/security/jaas/TextFileCertificateLoginModule.java#L75]

 

From what I can assess, hawt.io Authenticator passes users certs via the incoming HttpRequest.  My best guess is that the sendMessageService class does not grab and pass the user's cert when attempting to doSendMessage.

this.jolokia.execute(mbean, "sendMessage(java.util.Map, int, java.lang.String, boolean, java.lang.String, java.lang.String, boolean)", headers, type, body, durable, user, pwd, createMessageId, Core.onSuccess(this.operationSuccess(), \{ error: this.onError }));Core.$apply(this.scope);}}};}})(Artemis || (Artemis = {}));

[https://github.com/apache/activemq-artemis/blob/42529899d01df63c4aea5f562a2db8058a455a5e/artemis-hawtio/artemis-plugin/src/main/webapp/plugin/js/services/sendMessageService.js#L155]

 

Please add support for cert-based message sending from the Web Console.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)