You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@activemq.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2018/07/19 21:40:00 UTC

[jira] [Commented] (ARTEMIS-1545) JMS MessageProducer fails to expose exception on send when message is sent non-persistent, but not authorised

    [ https://issues.apache.org/jira/browse/ARTEMIS-1545?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16549908#comment-16549908 ] 

ASF GitHub Bot commented on ARTEMIS-1545:
-----------------------------------------

GitHub user jbertram opened a pull request:

    https://github.com/apache/activemq-artemis/pull/2187

    ARTEMIS-1545 Support JMS 2.0 Completion Listener for Exceptions

    

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/jbertram/activemq-artemis ARTEMIS-1545

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/activemq-artemis/pull/2187.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #2187
    
----
commit 74f6f1887e9c3234812d2b0997c97d30164b985e
Author: Michael André Pearce <mi...@...>
Date:   2017-12-14T07:47:30Z

    ARTEMIS-1545 Support JMS 2.0 Completion Listener for Exceptions

commit a2da41ee2e347bcf8fe721bded89e4a78ca14cfb
Author: Justin Bertram <jb...@...>
Date:   2018-07-17T15:53:21Z

    ARTEMIS-1545 refactor & rework a few incompatible pieces
    
    Existing commit for ARTEMIS-1545 broke bridges and large messages. This
    commit fixes those, and refactors the solution a bit to be more clear.

----


> JMS MessageProducer fails to expose exception on send when message is sent non-persistent, but not authorised
> -------------------------------------------------------------------------------------------------------------
>
>                 Key: ARTEMIS-1545
>                 URL: https://issues.apache.org/jira/browse/ARTEMIS-1545
>             Project: ActiveMQ Artemis
>          Issue Type: Bug
>            Reporter: Michael Andre Pearce
>            Priority: Major
>
> When sending persistent, behaviour is blocking and a Security exception is thrown. The same behaviour that the client is exposed to the client when sending non-persistent, so that a client could log or take action asynchronously. 
> This can be recreated easily by the following:
> Add the following security section , that means guest is not auth'd to send to "guest.cannot.send"
> activemq-artemis/tests/jms-tests/src/test/resources/broker.xml
>  <security-setting match="guest.cannot.send">
>                <permission type="createDurableQueue" roles="guest,def"/>
>                <permission type="deleteDurableQueue" roles="guest,def"/>
>                <permission type="createNonDurableQueue" roles="guest,def"/>
>                <permission type="deleteNonDurableQueue" roles="guest,def"/>
>                <permission type="consume" roles="guest,def"/>
>                <permission type="browse" roles="guest,def"/>
>                <permission type="send" roles="def"/>
>            </security-setting>
> Then add the following tests to this test (first is proving exception correctly is thrown when persistent is sent using jms api, and second shows behaviour difference and no error):
> activemq-artemis/tests/jms-tests/src/test/java/org/apache/activemq/artemis/jms/tests/SecurityTest.java
>   /**
>     * Login with valid user and password
>     * But try send to address not authorised - Persistent
>     * Should not allow and should throw exception
>     */
>    @Test
>    public void testLoginValidUserAndPasswordButNotAuthorisedToSend() throws Exception {
>       ConnectionFactory connectionFactory = new ActiveMQConnectionFactory("tcp://localhost:61616");
>       Connection connection = connectionFactory.createConnection("guest", "guest");
>       Session session = connection.createSession();
>       Destination destination = session.createQueue("guest.cannot.send");
>       MessageProducer messageProducer = session.createProducer(destination);
>       try {
>          messageProducer.send(session.createTextMessage("hello"));
>          fail("JMSSecurityException expected as guest is not allowed to send");
>       } catch (JMSSecurityException activeMQSecurityException){
>          //pass
>       }
>       connection.close();
>    }
>    /**
>     * Login with valid user and password
>     * But try send to address not authorised - Non Persistent.
>     * Should have same behaviour as Persistent with exception on send.
>     */
>    @Test
>    public void testLoginValidUserAndPasswordButNotAuthorisedToSendNonPersistent() throws Exception {
>       ConnectionFactory connectionFactory = new ActiveMQConnectionFactory("tcp://localhost:61616");
>       Connection connection = connectionFactory.createConnection("guest", "guest");
>       Session session = connection.createSession();
>       Destination destination = session.createQueue("guest.cannot.send");
>       MessageProducer messageProducer = session.createProducer(destination);
>       messageProducer.setDeliveryMode(DeliveryMode.NON_PERSISTENT);
>       try {
>          messageProducer.send(session.createTextMessage("hello"));
>          fail("JMSSecurityException expected as guest is not allowed to send");
>       } catch (JMSSecurityException activeMQSecurityException){
>          //pass
>       }
>       connection.close();
>    }



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)