You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@qpid.apache.org by "Alex Rudyy (Created) (JIRA)" <ji...@apache.org> on 2012/02/15 15:45:00 UTC
[jira] [Created] (QPID-3844) Management ACL lacks the ability to
perform queryMBean operation for non-admin users
Management ACL lacks the ability to perform queryMBean operation for non-admin users
------------------------------------------------------------------------------------
Key: QPID-3844
URL: https://issues.apache.org/jira/browse/QPID-3844
Project: Qpid
Issue Type: Bug
Components: Java Broker
Affects Versions: 0.15
Reporter: Alex Rudyy
Fix For: 0.15
Existing user accounts with limited rights (non admin uses) cannot login into management console due to error: "Permission denied: Access queryMBeans".
For example, ACL for the guest account can be configured like following
#Allow 'guest' to perform read operations on the Serverinformation mbean and view logger levels
ACL ALLOW-LOG guest ACCESS METHOD component="ServerInformation"
ACL ALLOW-LOG guest ACCESS METHOD component="LoggingManagement" name="viewEffectiveRuntimeLoggerLevels"
but "guest" user still is not be able to login because current implementation does not allow invocation of queryMBeans operation for non-admin accounts.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:dev-subscribe@qpid.apache.org
[jira] [Assigned] (QPID-3844) Management ACL lacks the ability to
perform queryMBean operation for non-admin users
Posted by "Alex Rudyy (Assigned) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/QPID-3844?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Alex Rudyy reassigned QPID-3844:
--------------------------------
Assignee: Alex Rudyy
> Management ACL lacks the ability to perform queryMBean operation for non-admin users
> ------------------------------------------------------------------------------------
>
> Key: QPID-3844
> URL: https://issues.apache.org/jira/browse/QPID-3844
> Project: Qpid
> Issue Type: Bug
> Components: Java Broker
> Affects Versions: 0.15
> Reporter: Alex Rudyy
> Assignee: Alex Rudyy
> Fix For: 0.15
>
>
> Existing user accounts with limited rights (non admin uses) cannot login into management console due to error: "Permission denied: Access queryMBeans".
> For example, ACL for the guest account can be configured like following
> #Allow 'guest' to perform read operations on the Serverinformation mbean and view logger levels
> ACL ALLOW-LOG guest ACCESS METHOD component="ServerInformation"
> ACL ALLOW-LOG guest ACCESS METHOD component="LoggingManagement" name="viewEffectiveRuntimeLoggerLevels"
> but "guest" user still is not be able to login because current implementation does not allow invocation of queryMBeans operation for non-admin accounts.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:dev-subscribe@qpid.apache.org
[jira] [Updated] (QPID-3844) Management ACL lacks the ability to
perform queryMBean operation for non-admin users
Posted by "Alex Rudyy (Updated) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/QPID-3844?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Alex Rudyy updated QPID-3844:
-----------------------------
Attachment: 0001-QPID-3844-Operation-queryMBeans-does-not-require-aut.patch
> Management ACL lacks the ability to perform queryMBean operation for non-admin users
> ------------------------------------------------------------------------------------
>
> Key: QPID-3844
> URL: https://issues.apache.org/jira/browse/QPID-3844
> Project: Qpid
> Issue Type: Bug
> Components: Java Broker
> Affects Versions: 0.15
> Reporter: Alex Rudyy
> Assignee: Robbie Gemmell
> Fix For: 0.15
>
> Attachments: 0001-QPID-3844-Operation-queryMBeans-does-not-require-aut.patch
>
>
> Existing user accounts with limited rights (non admin uses) cannot login into management console due to error: "Permission denied: Access queryMBeans".
> For example, ACL for the guest account can be configured like following
> #Allow 'guest' to perform read operations on the Serverinformation mbean and view logger levels
> ACL ALLOW-LOG guest ACCESS METHOD component="ServerInformation"
> ACL ALLOW-LOG guest ACCESS METHOD component="LoggingManagement" name="viewEffectiveRuntimeLoggerLevels"
> but "guest" user still is not be able to login because current implementation does not allow invocation of queryMBeans operation for non-admin accounts.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:dev-subscribe@qpid.apache.org
[jira] [Resolved] (QPID-3844) Management ACL lacks the ability to
perform queryMBean operation for non-admin users
Posted by "Robbie Gemmell (Resolved) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/QPID-3844?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Robbie Gemmell resolved QPID-3844.
----------------------------------
Resolution: Fixed
Patch applied.
> Management ACL lacks the ability to perform queryMBean operation for non-admin users
> ------------------------------------------------------------------------------------
>
> Key: QPID-3844
> URL: https://issues.apache.org/jira/browse/QPID-3844
> Project: Qpid
> Issue Type: Bug
> Components: Java Broker
> Affects Versions: 0.15
> Reporter: Alex Rudyy
> Assignee: Robbie Gemmell
> Fix For: 0.15
>
> Attachments: 0001-QPID-3844-Operation-queryMBeans-does-not-require-aut.patch
>
>
> Existing user accounts with limited rights (non admin uses) cannot login into management console due to error: "Permission denied: Access queryMBeans".
> For example, ACL for the guest account can be configured like following
> #Allow 'guest' to perform read operations on the Serverinformation mbean and view logger levels
> ACL ALLOW-LOG guest ACCESS METHOD component="ServerInformation"
> ACL ALLOW-LOG guest ACCESS METHOD component="LoggingManagement" name="viewEffectiveRuntimeLoggerLevels"
> but "guest" user still is not be able to login because current implementation does not allow invocation of queryMBeans operation for non-admin accounts.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:dev-subscribe@qpid.apache.org
[jira] [Updated] (QPID-3844) Management ACL lacks the ability to
perform queryMBean operation for non-admin users
Posted by "Alex Rudyy (Updated) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/QPID-3844?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Alex Rudyy updated QPID-3844:
-----------------------------
Attachment: 0001-QPID-3844-Operation-queryMBeans-does-not-require-aut.patch
Attached a patch with a fix.
> Management ACL lacks the ability to perform queryMBean operation for non-admin users
> ------------------------------------------------------------------------------------
>
> Key: QPID-3844
> URL: https://issues.apache.org/jira/browse/QPID-3844
> Project: Qpid
> Issue Type: Bug
> Components: Java Broker
> Affects Versions: 0.15
> Reporter: Alex Rudyy
> Assignee: Alex Rudyy
> Fix For: 0.15
>
> Attachments: 0001-QPID-3844-Operation-queryMBeans-does-not-require-aut.patch
>
>
> Existing user accounts with limited rights (non admin uses) cannot login into management console due to error: "Permission denied: Access queryMBeans".
> For example, ACL for the guest account can be configured like following
> #Allow 'guest' to perform read operations on the Serverinformation mbean and view logger levels
> ACL ALLOW-LOG guest ACCESS METHOD component="ServerInformation"
> ACL ALLOW-LOG guest ACCESS METHOD component="LoggingManagement" name="viewEffectiveRuntimeLoggerLevels"
> but "guest" user still is not be able to login because current implementation does not allow invocation of queryMBeans operation for non-admin accounts.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:dev-subscribe@qpid.apache.org
[jira] [Updated] (QPID-3844) Management ACL lacks the ability to
perform queryMBean operation for non-admin users
Posted by "Alex Rudyy (Updated) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/QPID-3844?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Alex Rudyy updated QPID-3844:
-----------------------------
Status: Ready To Review (was: In Progress)
> Management ACL lacks the ability to perform queryMBean operation for non-admin users
> ------------------------------------------------------------------------------------
>
> Key: QPID-3844
> URL: https://issues.apache.org/jira/browse/QPID-3844
> Project: Qpid
> Issue Type: Bug
> Components: Java Broker
> Affects Versions: 0.15
> Reporter: Alex Rudyy
> Assignee: Alex Rudyy
> Fix For: 0.15
>
> Attachments: 0001-QPID-3844-Operation-queryMBeans-does-not-require-aut.patch
>
>
> Existing user accounts with limited rights (non admin uses) cannot login into management console due to error: "Permission denied: Access queryMBeans".
> For example, ACL for the guest account can be configured like following
> #Allow 'guest' to perform read operations on the Serverinformation mbean and view logger levels
> ACL ALLOW-LOG guest ACCESS METHOD component="ServerInformation"
> ACL ALLOW-LOG guest ACCESS METHOD component="LoggingManagement" name="viewEffectiveRuntimeLoggerLevels"
> but "guest" user still is not be able to login because current implementation does not allow invocation of queryMBeans operation for non-admin accounts.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:dev-subscribe@qpid.apache.org
[jira] [Assigned] (QPID-3844) Management ACL lacks the ability to
perform queryMBean operation for non-admin users
Posted by "Alex Rudyy (Assigned) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/QPID-3844?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Alex Rudyy reassigned QPID-3844:
--------------------------------
Assignee: Robbie Gemmell (was: Alex Rudyy)
Robbie,
Could you please review and commit the patch attached?
> Management ACL lacks the ability to perform queryMBean operation for non-admin users
> ------------------------------------------------------------------------------------
>
> Key: QPID-3844
> URL: https://issues.apache.org/jira/browse/QPID-3844
> Project: Qpid
> Issue Type: Bug
> Components: Java Broker
> Affects Versions: 0.15
> Reporter: Alex Rudyy
> Assignee: Robbie Gemmell
> Fix For: 0.15
>
> Attachments: 0001-QPID-3844-Operation-queryMBeans-does-not-require-aut.patch
>
>
> Existing user accounts with limited rights (non admin uses) cannot login into management console due to error: "Permission denied: Access queryMBeans".
> For example, ACL for the guest account can be configured like following
> #Allow 'guest' to perform read operations on the Serverinformation mbean and view logger levels
> ACL ALLOW-LOG guest ACCESS METHOD component="ServerInformation"
> ACL ALLOW-LOG guest ACCESS METHOD component="LoggingManagement" name="viewEffectiveRuntimeLoggerLevels"
> but "guest" user still is not be able to login because current implementation does not allow invocation of queryMBeans operation for non-admin accounts.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:dev-subscribe@qpid.apache.org
[jira] [Updated] (QPID-3844) Management ACL lacks the ability to
perform queryMBean operation for non-admin users
Posted by "Alex Rudyy (Updated) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/QPID-3844?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Alex Rudyy updated QPID-3844:
-----------------------------
Attachment: (was: 0001-QPID-3844-Operation-queryMBeans-does-not-require-aut.patch)
> Management ACL lacks the ability to perform queryMBean operation for non-admin users
> ------------------------------------------------------------------------------------
>
> Key: QPID-3844
> URL: https://issues.apache.org/jira/browse/QPID-3844
> Project: Qpid
> Issue Type: Bug
> Components: Java Broker
> Affects Versions: 0.15
> Reporter: Alex Rudyy
> Assignee: Robbie Gemmell
> Fix For: 0.15
>
> Attachments: 0001-QPID-3844-Operation-queryMBeans-does-not-require-aut.patch
>
>
> Existing user accounts with limited rights (non admin uses) cannot login into management console due to error: "Permission denied: Access queryMBeans".
> For example, ACL for the guest account can be configured like following
> #Allow 'guest' to perform read operations on the Serverinformation mbean and view logger levels
> ACL ALLOW-LOG guest ACCESS METHOD component="ServerInformation"
> ACL ALLOW-LOG guest ACCESS METHOD component="LoggingManagement" name="viewEffectiveRuntimeLoggerLevels"
> but "guest" user still is not be able to login because current implementation does not allow invocation of queryMBeans operation for non-admin accounts.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:dev-subscribe@qpid.apache.org