  1. JBoss A-MQ
  2. ENTMQ-949

MQTT client can subscribe # and receive messages that are not allowed by SimpleAuthenticationPlugin ACL configuration


Details

    • Bug
    • Resolution: Done
    • Major
    • JBoss A-MQ 6.1, JBoss A-MQ 6.2
    • JBoss A-MQ 6.1, JBoss A-MQ 6.2
    • mqtt
    • None

    Description

      We configured SimpleAuthenticationPlugin as follows.

      We defined 2 users:

      <authenticationUser username="user1" password="user1" groups="users1"/>
      <authenticationUser username="user2" password="user2" groups="users2"/>
      

      that are allowed to publish/subscribe on 2 different topics

      <authorizationEntry topic="USER1.>" read="users1" write="users1" admin="users1" />
      <authorizationEntry topic="USER2.>" read="users2" write="users2" admin="users2" />
      

      We connected client 1 with the credential users1 and subscribed to #.
      The broker allowed client 1 to subscribe to #, although it was not authorized.

      Then we connected client 2 with the credential users2 and published a message to the topic

      USER2/TOPIC1/TOPIC2

      Client 1 received the message published by client 2 on USER2/TOPIC1/TOPIC2.

      If we tried to subscribe to USER2/# with client 1, the broker correctly blocked the subscription.

      We repeated the test with activemq-5-11.1 and the result is different.
      ActiveMQ allows the client to subscribe to the # topic, like A-MQ, but client 1 doesn't receive the message sent by client 2.
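
The following is an added example, not part of the original report and not A-MQ code: a conservative audit that flags MQTT subscriptions whose filter reaches outside the subscriber's readable ACL entries, which is the condition the report describes for `#`. It assumes ActiveMQ's documented MQTT mapping (`/` to `.`, `+` to `*`, `#` to `>`); all function names are hypothetical.

```python
# Added example: ACL patterns copied from the report; all helper names are hypothetical.
ACL = {"USER1.>": {"users1"}, "USER2.>": {"users2"}}  # pattern -> groups with read

def mqtt_to_activemq(topic_filter):
    """Translate an MQTT filter: '/' -> '.', '+' -> '*', '#' -> '>'."""
    table = {"+": "*", "#": ">"}
    return ".".join(table.get(level, level) for level in topic_filter.split("/"))

def covered(sub, acl):
    """True only if every topic matched by `sub` is also matched by `acl`.
    Assumption: a trailing '>' matches zero or more remaining levels."""
    s, a = sub.split("."), acl.split(".")
    for i, want in enumerate(a):
        if want == ">":
            return True            # ACL accepts any tail from here on
        if i >= len(s) or s[i] == ">":
            return False           # sub is shorter, or open-ended where ACL is not
        if want != "*" and s[i] != want:
            return False           # literal mismatch, or sub '*' wider than ACL literal
    return len(s) == len(a)

def may_subscribe(mqtt_filter, groups, acl=ACL):
    """Conservative: one ACL entry readable by the user must cover the whole filter."""
    dest = mqtt_to_activemq(mqtt_filter)
    return any(covered(dest, pat) and bool(groups & readers)
               for pat, readers in acl.items())

def audit(subscriptions):
    """Return (client, filter) pairs whose filter reaches outside the client's ACL."""
    return [(c, f) for c, groups, f in subscriptions if not may_subscribe(f, groups)]

# Constructed sample subscriptions mirroring the scenario in the report.
SAMPLE = [
    ("client1", {"users1"}, "#"),
    ("client1", {"users1"}, "USER1/#"),
    ("client1", {"users1"}, "USER2/#"),
    ("client2", {"users2"}, "USER2/+/TOPIC2"),
]

if __name__ == "__main__":
    for client, topic_filter in audit(SAMPLE):
        print(f"{client}: subscription {topic_filter!r} is not covered by the ACL")
```

The check requires the filter to be a subset of an authorized pattern rather than merely overlap it, so `#` is flagged even though it overlaps `USER1.>`.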

          People

            dejanbosanac Dejan Bosanac
            rhn-support-qluo Joe Luo