FUSE Message Broker
  1. FUSE Message Broker
  2. MB-871

Un-Authorized queue error from an Ldap server is not propogated back to the consumer

    Details

    • Type: Bug Bug
    • Status: Open Open
    • Priority: Major Major
    • Resolution: Unresolved
    • Affects Version/s: 5.4.2-fuse-02-00
    • Fix Version/s: None
    • Component/s: broker
    • Labels:
      None
    • Similar Issues:
      Show 10 results 

      Description

      Hi,

      As I was testing MB-851, I ran across a scneario where my queue was not defined in Open LDAP. I received an error in my log:

       WARN | Failed to add Connection ID:Susan-Javureks-MacBook-Pro-2.local-53766-1303906709971-0:1, reason: java.lang.SecurityException: User name or password is invalid.
      ERROR | javax.naming.NameNotFoundException: [LDAP: error code 32 - NO_SUCH_OBJECT: failed for     SearchRequest
              baseDn : 'cn=TEST.FOO,ou=Queue,ou=Destination,ou=ActiveMQ,ou=dmn,dc=dex'
              filter : '(2.5.4.3=write)'
              scope : whole subtree
              typesOnly : false
              Size Limit : no limit
              Time Limit : no limit
              Deref Aliases : deref Always
              attributes : 'member'
      : ERR_259 Attempt to search under non-existant entry:  cn=TEST.FOO,ou=Queue,ou=Destination,ou=ActiveMQ,ou=dmn,dc=dex]; remaining name 'cn=TEST.FOO,ou=Queue,ou=Destination,ou=ActiveMQ,ou=dmn,dc=dex'
       WARN | Async error occurred: java.lang.SecurityException: User jdoe is not authorized to write to: queue://TEST.FOO
      java.lang.SecurityException: User jdoe is not authorized to write to: queue://TEST.FOO
      	at org.apache.activemq.security.AuthorizationBroker.addProducer(AuthorizationBroker.java:163)
      	at org.apache.activemq.broker.MutableBrokerFilter.addProducer(MutableBrokerFilter.java:99)
      	at org.apache.activemq.broker.TransportConnection.processAddProducer(TransportConnection.java:510)
      	at org.apache.activemq.command.ProducerInfo.visit(ProducerInfo.java:105)
      	at org.apache.activemq.broker.TransportConnection.service(TransportConnection.java:310)
      	at org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:184)
      	at org.apache.activemq.transport.TransportFilter.onCommand(TransportFilter.java:69)
      	at org.apache.activemq.transport.WireFormatNegotiator.onCommand(WireFormatNegotiator.java:113)
      	at org.apache.activemq.transport.InactivityMonitor.onCommand(InactivityMonitor.java:227)
      	at org.apache.activemq.transport.TransportSupport.doConsume(TransportSupport.java:83)
      	at org.apache.activemq.transport.tcp.TcpTransport.doRun(TcpTransport.java:222)
      	at org.apache.activemq.transport.tcp.TcpTransport.run(TcpTransport.java:204)
      	at java.lang.Thread.run(Thread.java:680)
      
      

      That's fine and helpful! Unfortunately, my consumer looks like it worked:

      Producer Tool snippet ...
           [java]     producers {
           [java]       producer queue://TEST.FOO {
           [java]         messageCount{ count: 0 unit: count startTime: 1303906833869 lastSampleTime: 1303906833869 description: Number of messages processed }
           [java]         messageRateTime{ count: 0 maxTime: 0 minTime: 0 totalTime: 0 averageTime: 0.0 averageTimeExMinMax: 0.0 averagePerSecond: 0.0 averagePerSecondExMinMax: 0.0 unit: millis startTime: 1303906833869 lastSampleTime: 1303906833869 description: Time taken to process a message (thoughtput rate) }
           [java]         pendingMessageCount{ count: 0 unit: count startTime: 1303906833869 lastSampleTime: 1303906833869 description: Number of pending messages }
           [java]         messageRateTime{ count: 0 maxTime: 0 minTime: 0 totalTime: 0 averageTime: 0.0 averageTimeExMinMax: 0.0 averagePerSecond: 0.0 averagePerSecondExMinMax: 0.0 unit: millis startTime: 1303906833869 lastSampleTime: 1303906833869 description: Time taken to process a message (thoughtput rate) }
           [java]         expiredMessageCount{ count: 0 unit: count startTime: 1303906833869 lastSampleTime: 1303906833869 description: Number of expired messages }
           [java]         messageWaitTime{ count: 0 maxTime: 0 minTime: 0 totalTime: 0 averageTime: 0.0 averageTimeExMinMax: 0.0 averagePerSecond: 0.0 averagePerSecondExMinMax: 0.0 unit: millis startTime: 1303906833869 lastSampleTime: 1303906833869 description: Time spent by a message before being delivered }
           [java]       }
           [java]     }
           [java]     consumers {
           [java]     }
           [java]   }
           [java] }
           [java] All threads completed their work
      
      BUILD SUCCESSFUL
      

      I think an error needs to be returned here.

      Test Case:

      Same test case as MB-851.
      Rename the TEST.FOO entry to TEST.FOO2 or delete it.

        Activity

        Hide
        Susan Javurek
        added a comment -

        Hi, I also noticed this happens with org.apache.activemq.jaas.PropertiesLoginModule too. A bit easier to set up.

        Show
        Susan Javurek
        added a comment - Hi, I also noticed this happens with org.apache.activemq.jaas.PropertiesLoginModule too. A bit easier to set up.

          People

          • Assignee:
            Unassigned
            Reporter:
            Susan Javurek
          • Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Created:
              Updated: