You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@activemq.apache.org by "Domenico Francesco Bruscino (Jira)" <ji...@apache.org> on 2021/03/24 14:39:00 UTC
[jira] [Commented] (ARTEMIS-3205) Scheduled messages should not
require management user
[ https://issues.apache.org/jira/browse/ARTEMIS-3205?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17307867#comment-17307867 ]
Domenico Francesco Bruscino commented on ARTEMIS-3205:
------------------------------------------------------
You don't need an admin user to execute a JMX operation, you can configure the authorizations for JMX in the management.xml file, see the documentation[1] or ask to users@activemq.apache.org mailing list for further details.
[1] https://activemq.apache.org/components/artemis/documentation/latest/management.html#configuring-jmx
> Scheduled messages should not require management user
> -----------------------------------------------------
>
> Key: ARTEMIS-3205
> URL: https://issues.apache.org/jira/browse/ARTEMIS-3205
> Project: ActiveMQ Artemis
> Issue Type: Improvement
> Components: ActiveMQ-Artemis-Native
> Affects Versions: 2.17.0
> Reporter: Stefan
> Assignee: Clebert Suconic
> Priority: Major
> Labels: security
>
> We are currently trying to implement a scheduled message use-case with Artemis where deleting scheduled messages is sometimes necessary.
> However, we could not find any solution to dequeue scheduled messages before they are routed to the queue without using a management user (i.e. via QueueControl or JMX-Operations).
> Is this the only way it can be done in Artemis?
> We have concerns about this configuration, because our client implementation needs admin user rights to handle 'simple' CRUD operations. Regarding DB clients, this is a common antipattern.
> Shouldn't this also be possible for standard users for reasons of security?
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)