[jira] Resolved: (SM-1925) Add security check on remote broker when using JMSFlow/JCAFlow

Chris Custine (JIRA) Tue, 12 Jan 2010 12:44:08 -0800

     [ 
https://issues.apache.org/activemq/browse/SM-1925?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Chris Custine resolved SM-1925.
-------------------------------

       Resolution: Fixed
    Fix Version/s: 3.3.2
                   3.2.4

> Add security check on remote broker when using JMSFlow/JCAFlow
> --------------------------------------------------------------
>
>                 Key: SM-1925
>                 URL: https://issues.apache.org/activemq/browse/SM-1925
>             Project: ServiceMix
>          Issue Type: Bug
>          Components: servicemix-core
>    Affects Versions: 3.2.3, 3.3.1
>            Reporter: Chris Custine
>            Assignee: Chris Custine
>             Fix For: 3.2.4, 3.3.2
>
>
> SecuredBroker checks security AFTER a component is invoked, which works fine 
> when the consumer and components are on the same broker.  If a consumer is on 
> brokerA and a provider endpoint is on brokerB using JMSFlow it is possible to 
> bypass security and invoke the endpoint on brokerB even if it is using 
> SecuredBroker.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

[jira] Resolved: (SM-1925) Add security check on remote broker when using JMSFlow/JCAFlow

Reply via email to