[AMQ-3183] Set JMSXUserID value based on authenticated principal - ASF JIRA

XML

Word

Printable

JSON

Details

Type: New Feature
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 5.4.2
Fix Version/s: 5.5.0
Component/s: Broker
Labels:

Description

When using the JaasDualAuthenticationPlugin, a user with id 'system' can gain the guest credentials but still remain with the 'system' username which gets into a produced message via the JMSXUserID property.
It would be nice if the userName reflected the first authenticated UserPrincipal, such that a user 'system' authenticated to default role 'guest' after a failed login, proceeds to use the 'guest' userName.

Attachments

Issue Links

is required by

AMQ-3211 JMSXUserId Can be spoofed by client

Resolved

Activity

People

Assignee:: Gary Tully

Reporter:: Gary Tully

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 16/Feb/11 15:56

Updated:: 11/Mar/11 10:55

Resolved:: 16/Feb/11 16:33