Details
-
Bug
-
Status: Open
-
Major
-
Resolution: Unresolved
-
1.1.0, 1.2.0
-
None
-
None
-
None
Description
Artemis RA has been coded to support container-managed security.
If there is a security domain specified for its resource adapter, Artemis
ManagedConnection will use the security's Subject for its
authentication on the broker side.
However there is one use case that is not working as I expect.
When the user specifies credentials when calling the RA's
ConnectionFactory methods, Artemis discards them if there is a subject
from the SecurityDomain.
The correct behaviour should be the opposite: (more specific) credential parameters from the ConnectionRequestInfo should have precedence over the (more general) Subject's from the security domain.
The new code path would be:
- If there are credentials from the ConnectionRequestInfo, use them
- else if there is a Subject, use it
- else raise an exception.