You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@activemq.apache.org by cl...@apache.org on 2017/07/28 22:00:16 UTC
[1/2] activemq-artemis git commit: This closes #1422
Repository: activemq-artemis
Updated Branches:
refs/heads/master 7adc8339c -> abaccaab5
This closes #1422
Project: http://git-wip-us.apache.org/repos/asf/activemq-artemis/repo
Commit: http://git-wip-us.apache.org/repos/asf/activemq-artemis/commit/abaccaab
Tree: http://git-wip-us.apache.org/repos/asf/activemq-artemis/tree/abaccaab
Diff: http://git-wip-us.apache.org/repos/asf/activemq-artemis/diff/abaccaab
Branch: refs/heads/master
Commit: abaccaab56991348ac717315abadd7886c1cdc91
Parents: 7adc833 610737b
Author: Clebert Suconic <cl...@apache.org>
Authored: Fri Jul 28 18:00:06 2017 -0400
Committer: Clebert Suconic <cl...@apache.org>
Committed: Fri Jul 28 18:00:06 2017 -0400
----------------------------------------------------------------------
.../artemis/core/security/impl/SecurityStoreImpl.java | 9 ++++++++-
.../activemq/artemis/core/server/ActiveMQMessageBundle.java | 4 ++--
2 files changed, 10 insertions(+), 3 deletions(-)
----------------------------------------------------------------------
[2/2] activemq-artemis git commit: ARTEMIS-1306 clarify identity for
authn failures
Posted by cl...@apache.org.
ARTEMIS-1306 clarify identity for authn failures
Project: http://git-wip-us.apache.org/repos/asf/activemq-artemis/repo
Commit: http://git-wip-us.apache.org/repos/asf/activemq-artemis/commit/610737bc
Tree: http://git-wip-us.apache.org/repos/asf/activemq-artemis/tree/610737bc
Diff: http://git-wip-us.apache.org/repos/asf/activemq-artemis/diff/610737bc
Branch: refs/heads/master
Commit: 610737bc3082eb39bf0116bfa8dac91ee146af00
Parents: 7adc833
Author: Justin Bertram <jb...@apache.org>
Authored: Wed Jul 26 14:21:23 2017 -0500
Committer: Clebert Suconic <cl...@apache.org>
Committed: Fri Jul 28 18:00:06 2017 -0400
----------------------------------------------------------------------
.../artemis/core/security/impl/SecurityStoreImpl.java | 9 ++++++++-
.../activemq/artemis/core/server/ActiveMQMessageBundle.java | 4 ++--
2 files changed, 10 insertions(+), 3 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/activemq-artemis/blob/610737bc/artemis-server/src/main/java/org/apache/activemq/artemis/core/security/impl/SecurityStoreImpl.java
----------------------------------------------------------------------
diff --git a/artemis-server/src/main/java/org/apache/activemq/artemis/core/security/impl/SecurityStoreImpl.java b/artemis-server/src/main/java/org/apache/activemq/artemis/core/security/impl/SecurityStoreImpl.java
index 957a318..9d769db 100644
--- a/artemis-server/src/main/java/org/apache/activemq/artemis/core/security/impl/SecurityStoreImpl.java
+++ b/artemis-server/src/main/java/org/apache/activemq/artemis/core/security/impl/SecurityStoreImpl.java
@@ -16,6 +16,7 @@
*/
package org.apache.activemq.artemis.core.security.impl;
+import javax.security.cert.X509Certificate;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap;
@@ -142,7 +143,13 @@ public class SecurityStoreImpl implements SecurityStore, HierarchicalRepositoryC
notificationService.sendNotification(notification);
}
- throw ActiveMQMessageBundle.BUNDLE.unableToValidateUser();
+ String certSubjectDN = "unavailable";
+ X509Certificate[] certs = CertificateUtil.getCertsFromConnection(connection);
+ if (certs != null && certs.length > 0 && certs[0] != null) {
+ certSubjectDN = certs[0].getSubjectDN().getName();
+ }
+
+ throw ActiveMQMessageBundle.BUNDLE.unableToValidateUser(connection.getRemoteAddress(), user, certSubjectDN);
}
return validatedUser;
http://git-wip-us.apache.org/repos/asf/activemq-artemis/blob/610737bc/artemis-server/src/main/java/org/apache/activemq/artemis/core/server/ActiveMQMessageBundle.java
----------------------------------------------------------------------
diff --git a/artemis-server/src/main/java/org/apache/activemq/artemis/core/server/ActiveMQMessageBundle.java b/artemis-server/src/main/java/org/apache/activemq/artemis/core/server/ActiveMQMessageBundle.java
index 8c9eb66..6d571a8 100644
--- a/artemis-server/src/main/java/org/apache/activemq/artemis/core/server/ActiveMQMessageBundle.java
+++ b/artemis-server/src/main/java/org/apache/activemq/artemis/core/server/ActiveMQMessageBundle.java
@@ -157,8 +157,8 @@ public interface ActiveMQMessageBundle {
@Message(id = 119030, value = "large-message not initialized on server")
ActiveMQIllegalStateException largeMessageNotInitialised();
- @Message(id = 119031, value = "Unable to validate user", format = Message.Format.MESSAGE_FORMAT)
- ActiveMQSecurityException unableToValidateUser();
+ @Message(id = 119031, value = "Unable to validate user from {0}. Username: {1}; SSL certificate subject DN: {2}", format = Message.Format.MESSAGE_FORMAT)
+ ActiveMQSecurityException unableToValidateUser(String remoteAddress, String user, String certMessage);
@Message(id = 119032, value = "User: {0} does not have permission=''{1}'' on address {2}", format = Message.Format.MESSAGE_FORMAT)
ActiveMQSecurityException userNoPermissions(String username, CheckType checkType, String saddress);