You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@activemq.apache.org by "Brandon Stradling (Jira)" <ji...@apache.org> on 2022/12/08 15:05:00 UTC

[jira] [Commented] (ARTEMIS-4090) Artemis Web Console Does Not Use User Cert on sendMessage

    [ https://issues.apache.org/jira/browse/ARTEMIS-4090?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17644858#comment-17644858 ] 

Brandon Stradling commented on ARTEMIS-4090:
--------------------------------------------

[~brusdev] just following up on this as we're looking forward to this functionality.

> Artemis Web Console Does Not Use User Cert on sendMessage
> ---------------------------------------------------------
>
>                 Key: ARTEMIS-4090
>                 URL: https://issues.apache.org/jira/browse/ARTEMIS-4090
>             Project: ActiveMQ Artemis
>          Issue Type: Bug
>            Reporter: Brandon Stradling
>            Priority: Major
>
> After configuring Artemis ActiveMQ Web console to use certs to authenticate users, attempting to send a message from the console results in error.
>  
> Web Console Error: "Could not send message: java.lang.IllegalStateException : AMQ229031: Unable to validate user from Management. Username: public; SSL certificate subject DN: unavailable"
>  
> Receiving exception that certs[] is null from:
>          throw new LoginException("Client certificates not found. Cannot authenticate.");
> [https://github.com/apache/activemq-artemis/blob/5ebaebdfa3830f9ac075137aefb77d78f2d8bc7a/artemis-server/src/main/java/org/apache/activemq/artemis/spi/core/security/jaas/TextFileCertificateLoginModule.java#L75]
>  
> From what I can assess, hawt.io Authenticator passes users certs via the incoming HttpRequest.  My best guess is that the sendMessageService class does not grab and pass the user's cert when attempting to doSendMessage.
> this.jolokia.execute(mbean, "sendMessage(java.util.Map, int, java.lang.String, boolean, java.lang.String, java.lang.String, boolean)", headers, type, body, durable, user, pwd, createMessageId, Core.onSuccess(this.operationSuccess(), \{ error: this.onError }));Core.$apply(this.scope);}}};}})(Artemis || (Artemis = {}));
> [https://github.com/apache/activemq-artemis/blob/42529899d01df63c4aea5f562a2db8058a455a5e/artemis-hawtio/artemis-plugin/src/main/webapp/plugin/js/services/sendMessageService.js#L155]
>  
> Please add support for cert-based message sending from the Web Console.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)