Uploaded image for project: 'ActiveMQ Artemis'
  1. ActiveMQ Artemis
  2. ARTEMIS-3191

Cannot use broker-connection mirror with credentials

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 2.17.0
    • 2.18.0
    • Broker
    • None
    • Docker for MacOS

      Using the artemis-adoptopenjdk-11 image for Artemis 2.17.0

    Description

      When using broker-connections with mirroring and username/password credentials (through PropertiesLoginModule required), messages do not make it to the fail over instance.

      I see the connection being established, the mirror queue is created, but fills up with more and more messages. There is a session on the replica server, but no session on the live server and no consumers in the mirror queue.

      On the live server I see the following in the log: 

      2021-03-19 18:34:54,501 INFO  [org.apache.activemq.artemis.protocol.amqp.logger] AMQ111003:
      *******************************************************************************************************************************
      Success on Server AMQP Connection DRMirror1M on artemis-1-m:5672 after 0 retries
      *******************************************************************************************************************************2021-03-19 18:34:54,820 WARN  [org.apache.activemq.artemis.core.server] AMQ222216: Security problem while authenticating: AMQ229031: Unable to validate user from artemis-1-m/172.18.0.2:5672. Username: null; SSL certificate subject DN: unavailable
      2021-03-19 18:34:54,823 WARN  [org.apache.activemq.artemis.protocol.amqp.proton.handler.ProtonHandler] AMQ229031: Unable to validate user from artemis-1-m/172.18.0.2:5672. Username: null; SSL certificate subject DN: unavailable: ActiveMQSecurityException[errorType=SECURITY_EXCEPTION message=AMQ229031: Unable to validate user from artemis-1-m/172.18.0.2:5672. Username: null; SSL certificate subject DN: unavailable]
              at org.apache.activemq.artemis.core.security.impl.SecurityStoreImpl.authenticate(SecurityStoreImpl.java:204) [artemis-server-2.17.0.jar:2.17.0]
              at org.apache.activemq.artemis.core.server.impl.ActiveMQServerImpl.createSession(ActiveMQServerImpl.java:1679) [artemis-server-2.17.0.jar:2.17.0]
              at org.apache.activemq.artemis.protocol.amqp.broker.AMQPSessionCallback.init(AMQPSessionCallback.java:210) [artemis-amqp-protocol-2.17.0.jar:2.17.0]
              at org.apache.activemq.artemis.protocol.amqp.proton.AMQPSessionContext.initialize(AMQPSessionContext.java:81) [artemis-amqp-protocol-2.17.0.jar:2.17.0]
              at org.apache.activemq.artemis.protocol.amqp.proton.AMQPConnectionContext.onLocalOpen(AMQPConnectionContext.java:567) [artemis-amqp-protocol-2.17.0.jar:2.17.0]
              at org.apache.activemq.artemis.protocol.amqp.proton.handler.Events.dispatch(Events.java:47) [artemis-amqp-protocol-2.17.0.jar:2.17.0]
              at org.apache.activemq.artemis.protocol.amqp.proton.handler.ProtonHandler.dispatch(ProtonHandler.java:564) [artemis-amqp-protocol-2.17.0.jar:2.17.0]
              at org.apache.activemq.artemis.protocol.amqp.proton.handler.ProtonHandler.flush(ProtonHandler.java:359) [artemis-amqp-protocol-2.17.0.jar:2.17.0]
              at org.apache.activemq.artemis.protocol.amqp.proton.AMQPConnectionContext.flush(AMQPConnectionContext.java:234) [artemis-amqp-protocol-2.17.0.jar:2.17.0]
              at org.apache.activemq.artemis.protocol.amqp.connect.AMQPBrokerConnection.lambda$doConnect$2(AMQPBrokerConnection.java:259) [artemis-amqp-protocol-2.17.0.jar:2.17.0]
              at io.netty.util.concurrent.AbstractEventExecutor.safeExecute(AbstractEventExecutor.java:164) [netty-all-4.1.51.Final.jar:4.1.51.Final]
              at io.netty.util.concurrent.SingleThreadEventExecutor.runAllTasks(SingleThreadEventExecutor.java:472) [netty-all-4.1.51.Final.jar:4.1.51.Final]
              at io.netty.channel.epoll.EpollEventLoop.run(EpollEventLoop.java:384) [netty-all-4.1.51.Final.jar:4.1.51.Final]
              at io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:989) [netty-all-4.1.51.Final.jar:4.1.51.Final]
              at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74) [netty-all-4.1.51.Final.jar:4.1.51.Final]
              at org.apache.activemq.artemis.utils.ActiveMQThreadFactory$1.run(ActiveMQThreadFactory.java:118) [artemis-commons-2.17.0.jar:2.17.0]

      If I add `<security-enabled>false</security-enabled>` then the mirror works as expected.

      Except for adding the broker-connection and a Test address/queue my configuration (see attached broker.xml), my configuration is completely out of the box from the docker image.

      Attachments

        1. docker-compose.yml
          0.3 kB
          Stephen Baker
        2. broker.xml
          11 kB
          Stephen Baker
        3. broker_1_m.xml
          11 kB
          Stephen Baker

        Issue Links

          Activity

            People

              clebertsuconic Clebert Suconic
              sebaker Stephen Baker
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 10m
                  10m