Uploaded image for project: 'ActiveMQ Classic'
  1. ActiveMQ Classic
  2. AMQ-7303

Unnecessary stack trace in case of invalid credentials

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • 5.15.10
    • 5.16.0, 5.15.12
    • Security/JAAS
    • None

    • ActiveMQ 5.15.10 as standalone broker

    Description

      When connecting via STOMP using invalid credentials, we get a complete stack trace:

      2019-09-10 14:30:16,765 [ActiveMQ NIO Worker 9] WARN Transport - Transport Connection to: tcp://192.168.1.1:50196 failed: java.io.IOException: User name [foo] or password is invalid.
2019-09-10 14:43:56,518 [ActiveMQ NIO Worker 9] WARN TransportConnection - Failed to add Connection id=ID:broker.acme.com-24724-1568103966879-1:1005, clientId=ID:broker.acme.com-24724-1568103966879-1:1005 due to {}
java.lang.SecurityException: User name [foo] or password is invalid.
	at org.apache.activemq.security.JaasAuthenticationBroker.authenticate(JaasAuthenticationBroker.java:97)
	at org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:68)
	at org.apache.activemq.security.JaasDualAuthenticationBroker.addConnection(JaasDualAuthenticationBroker.java:94)
	at org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:99)
	at org.apache.activemq.plugin.AbstractRuntimeConfigurationBroker.addConnection(AbstractRuntimeConfigurationBroker.java:118)
	at org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:99)
	at org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:99)
	at org.apache.activemq.broker.TransportConnection.processAddConnection(TransportConnection.java:849)
	at org.apache.activemq.broker.jmx.ManagedTransportConnection.processAddConnection(ManagedTransportConnection.java:77)
	at org.apache.activemq.command.ConnectionInfo.visit(ConnectionInfo.java:139)
	at org.apache.activemq.broker.TransportConnection.service(TransportConnection.java:336)
	at org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:200)
	at org.apache.activemq.transport.MutexTransport.onCommand(MutexTransport.java:45)
	at org.apache.activemq.transport.AbstractInactivityMonitor.onCommand(AbstractInactivityMonitor.java:301)
	at org.apache.activemq.transport.stomp.StompTransportFilter.sendToActiveMQ(StompTransportFilter.java:97)
	at org.apache.activemq.transport.stomp.ProtocolConverter.sendToActiveMQ(ProtocolConverter.java:177)
	at org.apache.activemq.transport.stomp.ProtocolConverter.onStompConnect(ProtocolConverter.java:746)
	at org.apache.activemq.transport.stomp.ProtocolConverter.onStompCommand(ProtocolConverter.java:240)
	at org.apache.activemq.transport.stomp.StompTransportFilter.onCommand(StompTransportFilter.java:85)
	at org.apache.activemq.transport.TransportSupport.doConsume(TransportSupport.java:83)
	at org.apache.activemq.transport.stomp.StompCodec.processCommand(StompCodec.java:133)
	at org.apache.activemq.transport.stomp.StompCodec.parse(StompCodec.java:100)
	at org.apache.activemq.transport.stomp.StompNIOTransport.processBuffer(StompNIOTransport.java:136)
	at org.apache.activemq.transport.stomp.StompNIOTransport.serviceRead(StompNIOTransport.java:121)
	at org.apache.activemq.transport.stomp.StompNIOTransport.access$000(StompNIOTransport.java:44)
	at org.apache.activemq.transport.stomp.StompNIOTransport$1.onSelect(StompNIOTransport.java:73)
	at org.apache.activemq.transport.nio.SelectorSelection.onSelect(SelectorSelection.java:98)
	at org.apache.activemq.transport.nio.SelectorWorker$1.run(SelectorWorker.java:123)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
	at java.lang.Thread.run(Thread.java:748)
Caused by: javax.security.auth.login.FailedLoginException: User does exist
	at org.apache.activemq.jaas.PropertiesLoginModule.login(PropertiesLoginModule.java:92)
	at sun.reflect.GeneratedMethodAccessor82.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:498)
	at javax.security.auth.login.LoginContext.invoke(LoginContext.java:755)
	at javax.security.auth.login.LoginContext.access$000(LoginContext.java:195)
	at javax.security.auth.login.LoginContext$4.run(LoginContext.java:682)
	at javax.security.auth.login.LoginContext$4.run(LoginContext.java:680)
	at java.security.AccessController.doPrivileged(Native Method)
	at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
	at javax.security.auth.login.LoginContext.login(LoginContext.java:587)
	at org.apache.activemq.security.JaasAuthenticationBroker.authenticate(JaasAuthenticationBroker.java:92)
	... 30 more

      A single line should be reported, not the full stack trace.

      Attachments

        Issue Links

          relates to

          Improvement - An improvement or enhancement to an existing feature or task. AMQ-7433 Use short rendering of exception/throwable in log by default

          • Major - Major loss of function.
          • Resolved
          links to

          Web Link GitHub Pull Request #413

          Web Link GitHub Pull Request #500

          Activity

            People

              jbonofre Jean-Baptiste Onofré
              lionel.cons Lionel Cons
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 40m
                  40m