[jira] [Commented] (ARTEMIS-899) On user authentication a stack trace is logged to the error channel

Justin Bertram (JIRA) Fri, 06 Jan 2017 09:01:38 -0800

    [ 
https://issues.apache.org/jira/browse/ARTEMIS-899?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15804999#comment-15804999
 ]


Justin Bertram commented on ARTEMIS-899:
----------------------------------------

The broker could log the X.500 name of the peer, but there's no way for it to 
know that that's actually the information used for authentication.  The JAAS 
login modules used for authn are opaque, as I mentioned before.  SSL could just 
be used for transport layer security and username/password could be used for 
authn so logging the X.500 name of the peer in that case would be wrong.

> On user authentication a stack trace is logged to the error channel
> -------------------------------------------------------------------
>
>                 Key: ARTEMIS-899
>                 URL: https://issues.apache.org/jira/browse/ARTEMIS-899
>             Project: ActiveMQ Artemis
>          Issue Type: Bug
>    Affects Versions: 1.5.1
>            Reporter: Mike Hearn
>            Assignee: Justin Bertram
>
> When a user fails to authenticate, this probably justifies a WARNING but not 
> a full stack trace to the ERROR logger:
> E 16:05:33 39 server.handleCreateSession - AMQ224018: Failed to create session
>  org.apache.activemq.artemis.api.core.ActiveMQSecurityException: AMQ119031: 
> Unable to validate user
>       at 
> org.apache.activemq.artemis.core.security.impl.SecurityStoreImpl.authenticate(SecurityStoreImpl.java:145)
>  ~[artemis-server-1.4.0.jar:1.4.0]
>       at 
> org.apache.activemq.artemis.core.server.impl.ActiveMQServerImpl.createSession(ActiveMQServerImpl.java:1208)
>  ~[artemis-server-1.4.0.jar:1.4.0]
>       at 
> org.apache.activemq.artemis.core.protocol.core.impl.ActiveMQPacketHandler.handleCreateSession(ActiveMQPacketHandler.java:154)
>  [artemis-server-1.4.0.jar:1.4.0]
>       at 
> org.apache.activemq.artemis.core.protocol.core.impl.ActiveMQPacketHandler.handlePacket(ActiveMQPacketHandler.java:80)
>  [artemis-server-1.4.0.jar:1.4.0]
>       at 
> org.apache.activemq.artemis.core.protocol.core.impl.ChannelImpl.handlePacket(ChannelImpl.java:633)
>  [artemis-core-client-1.4.0.jar:1.4.0]
>       at 
> org.apache.activemq.artemis.core.protocol.core.impl.RemotingConnectionImpl.doBufferReceived(RemotingConnectionImpl.java:376)
>  [artemis-core-client-1.4.0.jar:1.4.0]
>       at 
> org.apache.activemq.artemis.core.protocol.core.impl.RemotingConnectionImpl.bufferReceived(RemotingConnectionImpl.java:358)
>  [artemis-core-client-1.4.0.jar:1.4.0]
>       at 
> org.apache.activemq.artemis.core.remoting.server.impl.RemotingServiceImpl$DelegatingBufferHandler.bufferReceived(RemotingServiceImpl.java:631)
>  [artemis-server-1.4.0.jar:1.4.0]
>       at 
> org.apache.activemq.artemis.core.remoting.impl.netty.ActiveMQChannelHandler.channelRead(ActiveMQChannelHandler.java:68)
>  [artemis-core-client-1.4.0.jar:1.4.0]
>       at 
> io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:366)
>  [netty-all-4.0.39.Final.jar:4.0.39.Final]
>       at 
> io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:352)
>  [netty-all-4.0.39.Final.jar:4.0.39.Final]
>       at 
> io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:345)
>  [netty-all-4.0.39.Final.jar:4.0.39.Final]
>       at 
> io.netty.handler.codec.ByteToMessageDecoder.fireChannelRead(ByteToMessageDecoder.java:293)
>  [netty-all-4.0.39.Final.jar:4.0.39.Final]
>       at 
> io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:267)
>  [netty-all-4.0.39.Final.jar:4.0.39.Final]
>       at 
> io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:366)
>  [netty-all-4.0.39.Final.jar:4.0.39.Final]
>       at 
> io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:352)
>  [netty-all-4.0.39.Final.jar:4.0.39.Final]
>       at 
> io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:345)
>  [netty-all-4.0.39.Final.jar:4.0.39.Final]
>       at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1066) 
> [netty-all-4.0.39.Final.jar:4.0.39.Final]
>       at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:900) 
> [netty-all-4.0.39.Final.jar:4.0.39.Final]
>       at 
> io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:411)
>  [netty-all-4.0.39.Final.jar:4.0.39.Final]
>       at 
> io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:248)
>  [netty-all-4.0.39.Final.jar:4.0.39.Final]
>       at 
> io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:366)
>  [netty-all-4.0.39.Final.jar:4.0.39.Final]
>       at 
> io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:352)
>  [netty-all-4.0.39.Final.jar:4.0.39.Final]
>       at 
> io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:345)
>  [netty-all-4.0.39.Final.jar:4.0.39.Final]
>       at 
> io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1294)
>  [netty-all-4.0.39.Final.jar:4.0.39.Final]
>       at 
> io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:366)
>  [netty-all-4.0.39.Final.jar:4.0.39.Final]
>       at 
> io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:352)
>  [netty-all-4.0.39.Final.jar:4.0.39.Final]
>       at 
> io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:911)
>  [netty-all-4.0.39.Final.jar:4.0.39.Final]
>       at 
> io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:131)
>  [netty-all-4.0.39.Final.jar:4.0.39.Final]
>       at 
> io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:572) 
> [netty-all-4.0.39.Final.jar:4.0.39.Final]
>       at 
> io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:513)
>  [netty-all-4.0.39.Final.jar:4.0.39.Final]
>       at 
> io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:427) 
> [netty-all-4.0.39.Final.jar:4.0.39.Final]
>       at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:399) 
> [netty-all-4.0.39.Final.jar:4.0.39.Final]
>       at 
> io.netty.util.concurrent.SingleThreadEventExecutor$2.run(SingleThreadEventExecutor.java:140)
>  [netty-all-4.0.39.Final.jar:4.0.39.Final]
>       at java.lang.Thread.run(Thread.java:745) [?:1.8.0_102]



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (ARTEMIS-899) On user authentication a stack trace is logged to the error channel

Reply via email to