[jira] [Created] (QPID-5203) Python client unexpected exception after ACL denial

Thu, 03 Oct 2013 03:00:50 -0700 

Pavel Moravec created QPID-5203:
-----------------------------------

             Summary: Python client unexpected exception after ACL denial
                 Key: QPID-5203
                 URL: https://issues.apache.org/jira/browse/QPID-5203
             Project: Qpid
          Issue Type: Bug
          Components: Python Client
    Affects Versions: 0.24
            Reporter: Pavel Moravec
            Assignee: Pavel Moravec
            Priority: Minor


Description of problem:
After ACL denies a command from qpid Python client, an attempt to close either 
session or connection raises unexpected exception (relevant to ACL, though). 
While at that time, session is properly closed and connection is working fine.


Version-Release number of selected component (if applicable):
every

How reproducible:
100%


Steps to Reproduce:
1. Have ACL file:
acl deny all consume all
acl allow all all

2. Run attached script.


Actual results:
----------------------------------------------------------------------------------------------------
Create receiver failed with exception
Traceback (most recent call last):
  File "ACL_denial_session-hang.py", line 13, in <module>
    recv = session.receiver('testQ; {create:always}')
  File "<string>", line 6, in receiver
  File "/usr/lib/python2.6/site-packages/qpid/messaging/endpoints.py", line 
616, in receiver
    receiver._ewait(lambda: receiver.linked)
  File "/usr/lib/python2.6/site-packages/qpid/messaging/endpoints.py", line 
973, in _ewait
    result = self.session._ewait(lambda: self.error or predicate(), timeout)
  File "/usr/lib/python2.6/site-packages/qpid/messaging/endpoints.py", line 
567, in _ewait
    self.check_error()
  File "/usr/lib/python2.6/site-packages/qpid/messaging/endpoints.py", line 
556, in check_error
    raise self.error
UnauthorizedAccess: unauthorized-access: ACL denied Queue subscribe request 
from guest@QPID (qpid/broker/SessionAdapter.cpp:399)(403)
----------------------------------------------------------------------------------------------------
Session close failed with exception
Traceback (most recent call last):
  File "ACL_denial_session-hang.py", line 19, in <module>
    session.close()
  File "<string>", line 6, in close
  File "/usr/lib/python2.6/site-packages/qpid/messaging/endpoints.py", line 
739, in close
    self.sync(timeout=timeout)
  File "<string>", line 6, in sync
  File "/usr/lib/python2.6/site-packages/qpid/messaging/endpoints.py", line 
731, in sync
    if not self._ewait(lambda: not self.outgoing and not self.acked, 
timeout=timeout):
  File "/usr/lib/python2.6/site-packages/qpid/messaging/endpoints.py", line 
567, in _ewait
    self.check_error()
  File "/usr/lib/python2.6/site-packages/qpid/messaging/endpoints.py", line 
556, in check_error
    raise self.error
UnauthorizedAccess: unauthorized-access: ACL denied Queue subscribe request 
from guest@QPID (qpid/broker/SessionAdapter.cpp:399)(403)
----------------------------------------------------------------------------------------------------
Connection close failed with exception
Traceback (most recent call last):
  File "ACL_denial_session-hang.py", line 25, in <module>
    connection.close()
  File "<string>", line 6, in close
  File "/usr/lib/python2.6/site-packages/qpid/messaging/endpoints.py", line 
316, in close
    ssn.close(timeout=timeout)
  File "<string>", line 6, in close
  File "/usr/lib/python2.6/site-packages/qpid/messaging/endpoints.py", line 
739, in close
    self.sync(timeout=timeout)
  File "<string>", line 6, in sync
  File "/usr/lib/python2.6/site-packages/qpid/messaging/endpoints.py", line 
731, in sync
    if not self._ewait(lambda: not self.outgoing and not self.acked, 
timeout=timeout):
  File "/usr/lib/python2.6/site-packages/qpid/messaging/endpoints.py", line 
567, in _ewait
    self.check_error()
  File "/usr/lib/python2.6/site-packages/qpid/messaging/endpoints.py", line 
556, in check_error
    raise self.error
UnauthorizedAccess: unauthorized-access: ACL denied Queue subscribe request 
from guest@QPID (qpid/broker/SessionAdapter.cpp:399)(403)


Expected results:
Just the first exception is printed - when the "session.receiver" fails due to 
ACL.


Additional info:
Some hints for fixing it:
- session object is properly closed. Just an attempt to close it again raises 
that exception. When trying to close a closed session without an ACL deny, no 
exception is raised
- connection object is properly working and closing it really closes the AMQP 
connection. And the connection object can be normally used later on.
- it seems to me like:
a) exception raised and stored somewhere
b) program catches it
c) Python library should delete it from the stored place / variable but it does 
not do so
d) any action on affected session/connection first checks for the stored 
exception, finds it so re-raises it

Workaround:
try:
        # this should fail - ACL does not allow this
        recv = session.receiver('testQ; {create:always}')
except Exception as e1:
        try:
                session.close()
        except Exception as e2:
                "if e2 is ACL exception, then:"
                        session = connection.session()
                        ..
                "else close connection"





--
This message was sent by Atlassian JIRA
(v6.1#6144)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to