Details
-
Bug
-
Resolution: Done
-
Major
-
JBoss A-MQ 6.0
-
None
Description
Steps to reproduce:1. Edit default configuration in AMQ 6.0 and add the following plugin:<simpleAuthenticationPlugin anonymousAccessAllowed="true" />2. From a fresh browser window, sign into the web console and navigate to the queues tab. This produces a security exception:| 08:31:05,697 | INFO | IO Worker 736349 | LoggingBrokerPlugin | 114 - org.apache.activemq.activemq-osgi - 5.8.0.redhat-60024 | Adding Connection : ConnectionInfo {commandId = 1, responseRequired = true, connectionId = ID:TPMSGBSV01-54921-1388680924270-1:15, clientId = ID:TPMSGBSV01-54921-1388680924270-0:15, clientIp = tcp://127.0.0.1:60045, userName = admin, password = *****, brokerPath = null, brokerMasterConnector = false, manageable = true, clientMaster = true, faultTolerant = false, failoverReconnect = false}|
| 08:31:05,712 | WARN | IO Worker 736349 | TransportConnection | 114 - org.apache.activemq.activemq-osgi - 5.8.0.redhat-60024 | Failed to add Connection ID:TPMSGBSV01-54921-1388680924270-1:15, reason: java.lang.NullPointerException |
| 08:31:05,712 | WARN | IO Worker 736349 | Transport | 114 - org.apache.activemq.activemq-osgi - 5.8.0.redhat-60024 | Transport Connection to: tcp://127.0.0.1:60045 failed: java.io.EOFException |
| 08:31:05,712 | WARN | 54698060-2577265 | ServletHandler | 90 - org.eclipse.jetty.util - 7.6.7.v20120910 | /activemqweb/browse.jsp |
| org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'queueBrowser' defined in ServletContext resource [/WEB-INF/webconsole-query.xml]: Instantiation of bean failed; nested exception is org.springframework.beans.BeanInstantiationException: Could not instantiate bean class [org.apache.activemq.web.QueueBrowseQuery]: Constructor threw exception; nested exception is javax.jms.JMSException: java.lang.NullPointerException |
| at org.springframework.beans.factory.support.ConstructorResolver.autowireConstructor(ConstructorResolver.java:288)[242:org.jboss.amq.mq-web-console:5.8.0.redhat-60024] |
| .... |
| Caused by: java.lang.NullPointerException |
| at org.apache.activemq.security.SimpleAuthenticationBroker.addConnection(SimpleAuthenticationBroker.java:75)[242:org.jboss.amq.mq-web-console:5.8.0.redhat-60024] |
Defining a user allows this to work:| <simpleAuthenticationPlugin anonymousAccessAllowed="true" >|
| <users> |
| <authenticationUser username="admin" |
| password="admin" |
| groups="users,admins"/> |
| </users> |
| </simpleAuthenticationPlugin> |
Note, I was also unable to push messages anonymously.| [java] [Thread-2] Caught: javax.jms.JMSSecurityException: User name [] or password is invalid.|
| [java] javax.jms.JMSSecurityException: User name [] or password is invalid. |
| [java] at org.apache.activemq.util.JMSExceptionSupport.create(JMSExceptionSupport.java:52) |
| [java] at org.apache.activemq.ActiveMQConnection.syncSendPacket(ActiveMQConnection.java:1391) |
| [java] at org.apache.activemq.ActiveMQConnection.ensureConnectionInfoSent(ActiveMQConnection.java:1496) |
| [java] at org.apache.activemq.ActiveMQConnection.start(ActiveMQConnection.java:524) |
| [java] at ProducerTool.run(Unknown Source) |
| [java] Caused by: java.lang.SecurityException: User name [] or password is invalid. |
| [java] at org.apache.activemq.security.SimpleAuthenticationBroker.addConnection(SimpleAuthenticationBroker.java:77) |
From what I can tell about this configuration option, it should allow anyone in.Note of caution that my test approach involved getting it to work and then slowly adding in the new options. Testing in the same browser window caches the security stuff and it may appear to work.
