You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@activemq.apache.org by "Justin Bertram (Jira)" <ji...@apache.org> on 2020/08/04 15:30:00 UTC

[jira] [Updated] (ARTEMIS-2865) LegacyLDAPSecuritySettingPlugin can change default security match

     [ https://issues.apache.org/jira/browse/ARTEMIS-2865?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Justin Bertram updated ARTEMIS-2865:
------------------------------------
    Description: 
When a new permission is added to LDAP the LegacyLDAPSecuritySettingPlugin can use the new permission to modify the default security match which can grant users incorrect authorization.

Restarting the broker resolves the issue.

  was:
When a new permission is added to LDAP the LegacyLDAPSecuritySettingPlugin can use the new permission to modify the default security match which can grant users elevated authorization.

Restarting the broker resolves the issue.


> LegacyLDAPSecuritySettingPlugin can change default security match
> -----------------------------------------------------------------
>
>                 Key: ARTEMIS-2865
>                 URL: https://issues.apache.org/jira/browse/ARTEMIS-2865
>             Project: ActiveMQ Artemis
>          Issue Type: Bug
>            Reporter: Justin Bertram
>            Assignee: Justin Bertram
>            Priority: Major
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> When a new permission is added to LDAP the LegacyLDAPSecuritySettingPlugin can use the new permission to modify the default security match which can grant users incorrect authorization.
> Restarting the broker resolves the issue.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)