[ 
https://issues.apache.org/jira/browse/QPID-3006?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12982894#action_12982894
 ] 

Gordon Sim commented on QPID-3006:
----------------------------------

The authorisation check that is wrong is also unnecessary. The method can be 
prevented by restricting the method execution e.g. with:

acl deny all access method name=close schemaclass=link

> Broken acl check on link close
> ------------------------------
>
>                 Key: QPID-3006
>                 URL: https://issues.apache.org/jira/browse/QPID-3006
>             Project: Qpid
>          Issue Type: Bug
>          Components: C++ Broker
>    Affects Versions: 0.8
>            Reporter: Gordon Sim
>            Assignee: Gordon Sim
>             Fix For: 0.9
>
>
> Start broker 1 (in the example below on 5672) with an acl containing:
> acl allow bob@QPID all all
> acl deny all all
> and broker 2 (on 5673 in my case) with no acl. Then run
> qpid-route -v add link bob/bob@localhost:5672 bill/bill@localhost:5673
> qpid-route -v del link bob/bob@localhost:5672 bill/bill@localhost:5673
> The latter fails as the wrong username is used in the attempted authorisation 
> check (uses bill when it should be bob).

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project:      http://qpid.apache.org
Use/Interact: mailto:dev-subscr...@qpid.apache.org
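
The failure in the report and the restriction suggested in the comment, as an added example that is not part of the original message and is not Qpid's broker code: a toy evaluator for the rule lines quoted above, showing why authorising the close as bill is denied while bob would be allowed. It assumes first-match rule ordering with deny when nothing matches, that the suggested deny rule is placed ahead of the allow rule, and a constructed identity `bill@QPID` for the link's remote credentials.

```python
# Added illustration: a toy first-match ACL evaluator, not Qpid's broker code.
ACL_BROKER1 = """\
acl allow bob@QPID all all
acl deny all all
"""

# Assumption: the deny rule from the comment is placed ahead of the allow rule.
ACL_RESTRICTED = "acl deny all access method name=close schemaclass=link\n" + ACL_BROKER1


def parse_acl(text):
    """Parse 'acl <permission> <who> <action> [<object> [key=value ...]]' lines."""
    rules = []
    for line in text.splitlines():
        tok = line.split()
        if len(tok) < 4 or tok[0] != "acl":
            continue
        obj = tok[4] if len(tok) > 4 else "all"
        props = dict(p.split("=", 1) for p in tok[5:])
        rules.append((tok[1], tok[2], tok[3], obj, props))
    return rules


def authorise(rules, user, action, obj, props):
    """Return True if the first matching rule allows; no match means deny."""
    for perm, who, r_action, r_obj, r_props in rules:
        if who not in ("all", user):
            continue
        if r_action not in ("all", action):
            continue
        if r_obj not in ("all", obj):
            continue
        if any(props.get(k) != v for k, v in r_props.items()):
            continue
        return perm == "allow"
    return False


def may_close_link(acl_text, user):
    """Check 'access method name=close schemaclass=link' for the given identity."""
    props = {"name": "close", "schemaclass": "link"}
    return authorise(parse_acl(acl_text), user, "access", "method", props)


if __name__ == "__main__":
    # bill@QPID is a constructed identity for the link's remote credentials.
    for acl_name, acl in (("reported", ACL_BROKER1), ("restricted", ACL_RESTRICTED)):
        for user in ("bob@QPID", "bill@QPID"):
            print(acl_name, user, "allow" if may_close_link(acl, user) else "deny")
```
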
