Details
-
Bug
-
Status: Closed
-
Minor
-
Resolution: Fixed
-
0.24
-
None
Description
Description of problem:
After ACL denies a command from qpid Python client, an attempt to close either session or connection raises unexpected exception (relevant to ACL, though). While at that time, session is properly closed and connection is working fine.
Version-Release number of selected component (if applicable):
every
How reproducible:
100%
Steps to Reproduce:
1. Have ACL file:
acl deny all consume all
acl allow all all
2. Run attached script.
Actual results:
----------------------------------------------------------------------------------------------------
Create receiver failed with exception
Traceback (most recent call last):
File "ACL_denial_session-hang.py", line 13, in <module>
recv = session.receiver('testQ;
')
File "<string>", line 6, in receiver
File "/usr/lib/python2.6/site-packages/qpid/messaging/endpoints.py", line 616, in receiver
receiver._ewait(lambda: receiver.linked)
File "/usr/lib/python2.6/site-packages/qpid/messaging/endpoints.py", line 973, in _ewait
result = self.session._ewait(lambda: self.error or predicate(), timeout)
File "/usr/lib/python2.6/site-packages/qpid/messaging/endpoints.py", line 567, in _ewait
self.check_error()
File "/usr/lib/python2.6/site-packages/qpid/messaging/endpoints.py", line 556, in check_error
raise self.error
UnauthorizedAccess: unauthorized-access: ACL denied Queue subscribe request from guest@QPID (qpid/broker/SessionAdapter.cpp:399)(403)
----------------------------------------------------------------------------------------------------
Session close failed with exception
Traceback (most recent call last):
File "ACL_denial_session-hang.py", line 19, in <module>
session.close()
File "<string>", line 6, in close
File "/usr/lib/python2.6/site-packages/qpid/messaging/endpoints.py", line 739, in close
self.sync(timeout=timeout)
File "<string>", line 6, in sync
File "/usr/lib/python2.6/site-packages/qpid/messaging/endpoints.py", line 731, in sync
if not self._ewait(lambda: not self.outgoing and not self.acked, timeout=timeout):
File "/usr/lib/python2.6/site-packages/qpid/messaging/endpoints.py", line 567, in _ewait
self.check_error()
File "/usr/lib/python2.6/site-packages/qpid/messaging/endpoints.py", line 556, in check_error
raise self.error
UnauthorizedAccess: unauthorized-access: ACL denied Queue subscribe request from guest@QPID (qpid/broker/SessionAdapter.cpp:399)(403)
----------------------------------------------------------------------------------------------------
Connection close failed with exception
Traceback (most recent call last):
File "ACL_denial_session-hang.py", line 25, in <module>
connection.close()
File "<string>", line 6, in close
File "/usr/lib/python2.6/site-packages/qpid/messaging/endpoints.py", line 316, in close
ssn.close(timeout=timeout)
File "<string>", line 6, in close
File "/usr/lib/python2.6/site-packages/qpid/messaging/endpoints.py", line 739, in close
self.sync(timeout=timeout)
File "<string>", line 6, in sync
File "/usr/lib/python2.6/site-packages/qpid/messaging/endpoints.py", line 731, in sync
if not self._ewait(lambda: not self.outgoing and not self.acked, timeout=timeout):
File "/usr/lib/python2.6/site-packages/qpid/messaging/endpoints.py", line 567, in _ewait
self.check_error()
File "/usr/lib/python2.6/site-packages/qpid/messaging/endpoints.py", line 556, in check_error
raise self.error
UnauthorizedAccess: unauthorized-access: ACL denied Queue subscribe request from guest@QPID (qpid/broker/SessionAdapter.cpp:399)(403)
Expected results:
Just the first exception is printed - when the "session.receiver" fails due to ACL.
Additional info:
Some hints for fixing it:
- session object is properly closed. Just an attempt to close it again raises that exception. When trying to close a closed session without an ACL deny, no exception is raised
- connection object is properly working and closing it really closes the AMQP connection. And the connection object can be normally used later on.
- it seems to me like:
a) exception raised and stored somewhere
b) program catches it
c) Python library should delete it from the stored place / variable but it does not do so
d) any action on affected session/connection first checks for the stored exception, finds it so re-raises it
Workaround:
try:
- this should fail - ACL does not allow this
recv = session.receiver('testQ; {create:always}')
except Exception as e1:
try:
session.close()
except Exception as e2:
"if e2 is ACL exception, then:"
session = connection.session()
..
"else close connection"