You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@activemq.apache.org by "Dejan Bosanac (JIRA)" <ji...@apache.org> on 2008/05/27 14:13:55 UTC
[jira] Created: (AMQ-1747) Writing to predefined destinations
without admin priviledges
Writing to predefined destinations without admin priviledges
------------------------------------------------------------
Key: AMQ-1747
URL: https://issues.apache.org/activemq/browse/AMQ-1747
Project: ActiveMQ
Issue Type: Bug
Affects Versions: 5.1.0
Reporter: Dejan Bosanac
Fix For: 5.2.0
Attachments: activemq-predefined.patch
Trying to write to predefined destinations without admin privileges raises "cannot create destination" exception. More info could be foundin the folllowinf thread - http://www.nabble.com/Secutiry-and-Predefined-Destinations-tt17370190s2354.html
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Resolved: (AMQ-1747) Writing to predefined destinations
without admin priviledges
Posted by "Rob Davies (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/activemq/browse/AMQ-1747?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Rob Davies resolved AMQ-1747.
-----------------------------
Resolution: Fixed
Patch applied in SVN revision 660517
> Writing to predefined destinations without admin priviledges
> ------------------------------------------------------------
>
> Key: AMQ-1747
> URL: https://issues.apache.org/activemq/browse/AMQ-1747
> Project: ActiveMQ
> Issue Type: Bug
> Affects Versions: 5.1.0
> Reporter: Dejan Bosanac
> Assignee: Rob Davies
> Fix For: 5.2.0
>
> Attachments: activemq-predefined.patch
>
>
> Trying to write to predefined destinations without admin privileges raises "cannot create destination" exception. More info could be foundin the folllowinf thread - http://www.nabble.com/Secutiry-and-Predefined-Destinations-tt17370190s2354.html
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Assigned: (AMQ-1747) Writing to predefined destinations
without admin priviledges
Posted by "Rob Davies (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/activemq/browse/AMQ-1747?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Rob Davies reassigned AMQ-1747:
-------------------------------
Assignee: Rob Davies
> Writing to predefined destinations without admin priviledges
> ------------------------------------------------------------
>
> Key: AMQ-1747
> URL: https://issues.apache.org/activemq/browse/AMQ-1747
> Project: ActiveMQ
> Issue Type: Bug
> Affects Versions: 5.1.0
> Reporter: Dejan Bosanac
> Assignee: Rob Davies
> Fix For: 5.2.0
>
> Attachments: activemq-predefined.patch
>
>
> Trying to write to predefined destinations without admin privileges raises "cannot create destination" exception. More info could be foundin the folllowinf thread - http://www.nabble.com/Secutiry-and-Predefined-Destinations-tt17370190s2354.html
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (AMQ-1747) Writing to predefined destinations
without admin priviledges
Posted by "Dan Bucatanschi (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/activemq/browse/AMQ-1747?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=48139#action_48139 ]
Dan Bucatanschi commented on AMQ-1747:
--------------------------------------
Hi! I am writing a custom authorization and authentication plugin for the lab where I am working. Because I still do not fully understand what happens behind the scenes in ActiveMQ, I usually browse the ActiveMQ source code and the latest snapshots so that I can keep our security plugin up to date with the latest patches that the AuthorizationBroker gets here. So looking here, I saw this patch for this issue. I was just wondering if instead of:
return existing;
inside the if statement (looking at the diff with the previous version of the AuthorizationBroker.java), one should write:
return super.addDestination(context, destination);
just like it is at the end of the addDestination method in AuthorizationBroker. It makes sense to me to do that since we're not just trying to add a user to an already existing destination, but we should also "announce" this addition throughout the whole BrokerFilter stack, shouldn't we? This way, for example, Advisory topics also get updated with the fact that this user tried adding this destination for herself. I assume that other BrokerFilters rely on this behavior (that addDestination() gets called for every user requesting a destination successfully).
Or do I have this totally wrong and the addDestination method should only be used for adding destinations inside the broker, not to a user's connection? If that's the case, why is it that the issue described here appeared in the first place? Isn't the broker trying to create a destination (i.e. addDestination gets called) automatically for every new user requesting it?
Thanks,
-Dan
> Writing to predefined destinations without admin priviledges
> ------------------------------------------------------------
>
> Key: AMQ-1747
> URL: https://issues.apache.org/activemq/browse/AMQ-1747
> Project: ActiveMQ
> Issue Type: Bug
> Affects Versions: 5.1.0
> Reporter: Dejan Bosanac
> Assignee: Rob Davies
> Fix For: 5.2.0
>
> Attachments: activemq-predefined.patch
>
>
> Trying to write to predefined destinations without admin privileges raises "cannot create destination" exception. More info could be foundin the folllowinf thread - http://www.nabble.com/Secutiry-and-Predefined-Destinations-tt17370190s2354.html
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (AMQ-1747) Writing to predefined destinations
without admin priviledges
Posted by "Dejan Bosanac (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/activemq/browse/AMQ-1747?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Dejan Bosanac updated AMQ-1747:
-------------------------------
Attachment: activemq-predefined.patch
> Writing to predefined destinations without admin priviledges
> ------------------------------------------------------------
>
> Key: AMQ-1747
> URL: https://issues.apache.org/activemq/browse/AMQ-1747
> Project: ActiveMQ
> Issue Type: Bug
> Affects Versions: 5.1.0
> Reporter: Dejan Bosanac
> Fix For: 5.2.0
>
> Attachments: activemq-predefined.patch
>
>
> Trying to write to predefined destinations without admin privileges raises "cannot create destination" exception. More info could be foundin the folllowinf thread - http://www.nabble.com/Secutiry-and-Predefined-Destinations-tt17370190s2354.html
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (AMQ-1747) Writing to predefined destinations
without admin priviledges
Posted by "Dejan Bosanac (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/activemq/browse/AMQ-1747?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=48455#action_48455 ]
Dejan Bosanac commented on AMQ-1747:
------------------------------------
Hi Dan,
strictly speaking your suggestion is right, so I committed the change in SVN revision 731529. As for advisories, they are not going to be fired for every addDestination call, but just when destinations are created for the first time. But it makes sense to propagate the call through all filters.
Cheers
Dejan
> Writing to predefined destinations without admin priviledges
> ------------------------------------------------------------
>
> Key: AMQ-1747
> URL: https://issues.apache.org/activemq/browse/AMQ-1747
> Project: ActiveMQ
> Issue Type: Bug
> Affects Versions: 5.1.0
> Reporter: Dejan Bosanac
> Assignee: Rob Davies
> Fix For: 5.2.0
>
> Attachments: activemq-predefined.patch
>
>
> Trying to write to predefined destinations without admin privileges raises "cannot create destination" exception. More info could be foundin the folllowinf thread - http://www.nabble.com/Secutiry-and-Predefined-Destinations-tt17370190s2354.html
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.