[jira] Assigned: (AMQ-2516) SecurityException raised when broker tries to move expired message to DLQ

Thu, 26 Nov 2009 08:26:17 -0800 

     [ 
https://issues.apache.org/activemq/browse/AMQ-2516?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Gary Tully reassigned AMQ-2516:
-------------------------------

    Assignee: Gary Tully

> SecurityException raised when broker tries to move expired message to DLQ
> -------------------------------------------------------------------------
>
>                 Key: AMQ-2516
>                 URL: https://issues.apache.org/activemq/browse/AMQ-2516
>             Project: ActiveMQ
>          Issue Type: Bug
>          Components: Broker
>    Affects Versions: 5.3.0
>         Environment: Windows XP SP2
> Java JRE 1.6
> Issue found on both FUSE Message Broker 5.3.0.3 & 5.3.0.5 (based on Apache 
> ActiveMQ 5.3)
>            Reporter: Concombre Masqué
>            Assignee: Gary Tully
>         Attachments: activemq.log, activemq_configuration.zip, 
> jmsproducer_sample.zip
>
>
> I have enabled authentication + authorization in my broker configuration file 
> as follows:
> <jaasAuthenticationPlugin configuration="PropertiesLogin" />
> <authorizationPlugin>
> <map>
> <authorizationMap>
> <authorizationEntries>
> <authorizationEntry queue=">" read="users" write="users" admin="users"/>
> <authorizationEntry topic="ActiveMQ.Advisory.>" read="users" write="users" 
> admin="users"/>
> </authorizationEntries>
> </authorizationMap>
> </map>
> </authorizationPlugin>
> If I send a message with a TTL into the queue (using provided sample 
> configured with the right username and password) and then try to look after 
> the message in the queue after it has expired using the Web Console, I got 
> the following exception:
> "Caught an exception sending to DLQ: Message 
> ID:PC198829-1539-1259168148838-0:1:1:1:1 dropped=false locked=false
> java.lang.SecurityException: User is not authenticated."
> This only occurs when the broker has to deal with the DLQ as I can 
> successfully read/write in any queue.
> It seems that the thread responsible for moving the message into the DLQ 
> doesn't have the right to perform this action (username and password not 
> propagated to its connexion context ? ).

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to