You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@activemq.apache.org by "Justin Bertram (JIRA)" <ji...@apache.org> on 2017/08/23 14:58:00 UTC
[jira] [Commented] (ARTEMIS-1369) Include queue name in security
errors where appropriate
[ https://issues.apache.org/jira/browse/ARTEMIS-1369?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16138450#comment-16138450 ]
Justin Bertram commented on ARTEMIS-1369:
-----------------------------------------
Can you provide some examples of what you're referring to? I just looked at the exception generating when failing to consume from a queue and it included the queue name, e.g.:
{noformat}
ActiveMQSecurityException[errorType=SECURITY_EXCEPTION message=AMQ119032: User: first does not have permission='CONSUME' on address address.durableQueue]
at org.apache.activemq.artemis.core.protocol.core.impl.ChannelImpl.sendBlocking(ChannelImpl.java:409)
at org.apache.activemq.artemis.core.protocol.core.impl.ChannelImpl.sendBlocking(ChannelImpl.java:319)
at org.apache.activemq.artemis.core.protocol.core.impl.ActiveMQSessionContext.createConsumer(ActiveMQSessionContext.java:295)
at org.apache.activemq.artemis.core.client.impl.ClientSessionImpl.internalCreateConsumer(ClientSessionImpl.java:1797)
at org.apache.activemq.artemis.core.client.impl.ClientSessionImpl.createConsumer(ClientSessionImpl.java:711)
at org.apache.activemq.artemis.core.client.impl.ClientSessionImpl.createConsumer(ClientSessionImpl.java:669)
at org.apache.activemq.artemis.core.client.impl.ClientSessionImpl.createConsumer(ClientSessionImpl.java:641)
at org.apache.activemq.artemis.tests.integration.security.SecurityTest.testJAASSecurityManagerAuthorizationNegative(SecurityTest.java:348)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:47)
at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12)
at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:44)
at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17)
at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:26)
at org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:27)
at org.junit.rules.ExternalResource$1.evaluate(ExternalResource.java:48)
at org.junit.rules.TestWatcher$1.evaluate(TestWatcher.java:55)
at org.junit.rules.ExternalResource$1.evaluate(ExternalResource.java:48)
at org.junit.rules.ExternalResource$1.evaluate(ExternalResource.java:48)
at org.junit.rules.TestWatcher$1.evaluate(TestWatcher.java:55)
at org.junit.rules.RunRules.evaluate(RunRules.java:20)
{noformat}
The {{address.durableQueue}} in the exception message is the name of the address concatenated with the name of the queue.
> Include queue name in security errors where appropriate
> -------------------------------------------------------
>
> Key: ARTEMIS-1369
> URL: https://issues.apache.org/jira/browse/ARTEMIS-1369
> Project: ActiveMQ Artemis
> Issue Type: Improvement
> Reporter: Michael Andre Pearce
>
> Currently when getting security exceptions on creating a consumer, delete queue or create, the queue name is not included only the address. Having the queue name also in the exception will assist in diagnosing the config error (either server or client side)
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)