Bowie HU created AMQ-6867:
-----------------------------
Summary: Multiple permissions of shiro in AMQ do not work
Key: AMQ-6867
URL: https://issues.apache.org/jira/browse/AMQ-6867
Project: ActiveMQ
Issue Type: Bug
Components: security
Affects Versions: 5.14.5
Environment: Linux x86/ jdk1.7/
Reporter: Bowie HU
Fix For: WAITING_FOR_TEST
I changed the default authorization plugin to "shiro" authrization plugin and
started testing it. Firstly I give all permissions(*) to a role and it works.
But when I set two permissions actions({color:red}write,admin{color}) to a
"role", producer cannot run and throw the exception("subject(user) is not
authorized to {color:red}create {color}destination : ..."). After it, I changed
permissions to{color:red} "admin,write"{color} and the exception became to
"subject(user) is not authorized to {color:red}write {color}destination : ..." .
It seems that only the permission action which is in the first place is been
set to the effective permission to a "role".
Anyone have any idea of it? THX
Here is my config file("shiro.ini"):
[main]
[users]
dmqs=dmqs,advisory,queue
[roles]
advisory = topic:ActiveMQ.Advisory*
queue = queue:queue.*:read,admin
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
