Add security check on remote broker when using JMSFlow/JCAFlow
--------------------------------------------------------------
Key: SM-1925
URL: https://issues.apache.org/activemq/browse/SM-1925
Project: ServiceMix
Issue Type: New Feature
Components: servicemix-core
Affects Versions: 3.3.1, 3.2.3
Reporter: Chris Custine
Assignee: Chris Custine
SecuredBroker checks security AFTER a component is invoked, which works fine
when the consumer and components are on the same broker. If a consumer is on
brokerA and a provider endpoint is on brokerB using JMSFlow it is possible to
bypass security and invoke the endpoint on brokerB even if it is using
SecuredBroker.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
