Details
-
New Feature
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
5.8.0
Description
When securing the broker using authentication and authorization, any JMX operations on the broker completely bypass the authorization plugin.
So anyone can modify the broker bypassing the security checks. Also, because of this its not possible to define a read only user for the web console.