[AMQ-2516] SecurityException raised when broker tries to move expired message to DLQ - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 5.3.0
Fix Version/s: 5.3.1, 5.4.0
Component/s: Broker
Labels:
None
Environment:

Windows XP SP2
Java JRE 1.6

Issue found on both FUSE Message Broker 5.3.0.3 & 5.3.0.5 (based on Apache ActiveMQ 5.3)

Description

I have enabled authentication + authorization in my broker configuration file as follows:

<authorizationPlugin>
<map>
<authorizationMap>
<authorizationEntries>
<authorizationEntry queue=">" read="users" write="users" admin="users"/>
<authorizationEntry topic="ActiveMQ.Advisory.>" read="users" write="users" admin="users"/>
</authorizationEntries>
</authorizationMap>
</map>
</authorizationPlugin>

If I send a message with a TTL into the queue (using provided sample configured with the right username and password) and then try to look after the message in the queue after it has expired using the Web Console, I got the following exception:

"Caught an exception sending to DLQ: Message ID:PC198829-1539-1259168148838-0:1:1:1:1 dropped=false locked=false
java.lang.SecurityException: User is not authenticated."

This only occurs when the broker has to deal with the DLQ as I can successfully read/write in any queue.

It seems that the thread responsible for moving the message into the DLQ doesn't have the right to perform this action (username and password not propagated to its connexion context ? ).

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

activemq_configuration.zip
26/Nov/09 14:13
4 kB
Concombre Masqué
activemq.log
26/Nov/09 14:13
411 kB
Concombre Masqué
jmsproducer_sample.zip
26/Nov/09 14:13
1 kB
Concombre Masqué

Activity

People

Assignee:: Gary Tully

Reporter:: Concombre Masqué

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 26/Nov/09 14:11

Updated:: 26/Dec/09 20:09

Resolved:: 27/Nov/09 08:23