Qpid
  1. Qpid
  2. QPID-4691

[Java Broker] update web UI handling of SSL attributes and make the broker validate port attributes more closely to avoid illegal configurations which prevent start-up

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Critical Critical
    • Resolution: Fixed
    • Affects Version/s: 0.21, 0.22
    • Fix Version/s: 0.23
    • Component/s: Java Broker
    • Labels:
      None

      Description

      On setting of broker attributes the keystore/trustore/peerstore attributes only validated when path is changed. As result, when password or alias is changed no validation happens and invalid values can be stored.

      On setting of port attributes only attribute types are validated. As result if SSL port is configured without keystore or need/wantClientAuthorisation. attributes are set without truststore the following broker start fails as broker cannot bind to SSL port without keystore/truststore accordingly.

      The web management port UI should allow the setting of need/wantClientAuthorisation attributes only when SSL transport is selected.

      Broker UI to edit keystore/trustore/perrstore password should not require the setting of the password every time when path to keystore/trustore/perrstore is changed.

        Activity

        Alex Rudyy created issue -
        Alex Rudyy made changes -
        Field Original Value New Value
        Summary [Java Broker] Keystore/trustore related attributes are not validated properly causing invalid values to be stored in broker configuration which could stop broker from the start-up [Java Broker] Keystore/trustore related attributes are not validated properly causing invalid values to be stored in broker configuration which could result in start-up failures
        Alex Rudyy made changes -
        Status Open [ 1 ] In Progress [ 3 ]
        Alex Rudyy made changes -
        Status In Progress [ 3 ] Ready To Review [ 10006 ]
        Hide
        Alex Rudyy added a comment -

        Robbie,

        Could you please review the changes in revision http://svn.apache.org/r1463626 ?

        Show
        Alex Rudyy added a comment - Robbie, Could you please review the changes in revision http://svn.apache.org/r1463626 ?
        Alex Rudyy made changes -
        Assignee Alex Rudyy [ alex.rufous ] Robbie Gemmell [ gemmellr ]
        Robbie Gemmell made changes -
        Fix Version/s 0.23 [ 12324273 ]
        Robbie Gemmell made changes -
        Summary [Java Broker] Keystore/trustore related attributes are not validated properly causing invalid values to be stored in broker configuration which could result in start-up failures [Java Broker] update web UI handling of SSL attribites and make the broker validate port attributes more closely to avoid illegal configurations which prevent start-up
        Robbie Gemmell made changes -
        Summary [Java Broker] update web UI handling of SSL attribites and make the broker validate port attributes more closely to avoid illegal configurations which prevent start-up [Java Broker] update web UI handling of SSL attributes and make the broker validate port attributes more closely to avoid illegal configurations which prevent start-up
        Hide
        Robbie Gemmell added a comment -

        Looks good to me, we should request this for 0.22.

        Show
        Robbie Gemmell added a comment - Looks good to me, we should request this for 0.22.
        Robbie Gemmell made changes -
        Status Ready To Review [ 10006 ] Resolved [ 5 ]
        Resolution Fixed [ 1 ]
        Hide
        Justin Ross added a comment -

        Reviewed by Robbie. Approved for 0.22.

        A note in passing: this issue bundles together a high priority bug fix (scenario where invalid values can be stored) with other improvements. That's not nice from a triage perspective.

        Show
        Justin Ross added a comment - Reviewed by Robbie. Approved for 0.22. A note in passing: this issue bundles together a high priority bug fix (scenario where invalid values can be stored) with other improvements. That's not nice from a triage perspective.
        Hide
        Alex Rudyy added a comment -

        Merged into 0.22 branch in revision http://svn.apache.org/r1464485

        Show
        Alex Rudyy added a comment - Merged into 0.22 branch in revision http://svn.apache.org/r1464485
        Hide
        Justin Ross added a comment -
        Show
        Justin Ross added a comment - Released in Qpid 0.24, http://qpid.apache.org/releases/qpid-0.24/index.html
        Justin Ross made changes -
        Status Resolved [ 5 ] Closed [ 6 ]
        Transition Time In Source Status Execution Times Last Executer Last Execution Date
        Open Open In Progress In Progress
        28m 52s 1 Alex Rudyy 02/Apr/13 18:02
        In Progress In Progress Reviewable Reviewable
        3s 1 Alex Rudyy 02/Apr/13 18:02
        Reviewable Reviewable Resolved Resolved
        4h 41m 1 Robbie Gemmell 02/Apr/13 22:44
        Resolved Resolved Closed Closed
        158d 15h 53m 1 Justin Ross 08/Sep/13 14:37

          People

          • Assignee:
            Robbie Gemmell
            Reporter:
            Alex Rudyy
          • Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development