[
https://issues.apache.org/jira/browse/ARTEMIS-1545?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16283193#comment-16283193
]
ASF GitHub Bot commented on ARTEMIS-1545:
-----------------------------------------
Github user michaelandrepearce commented on the issue:
https://github.com/apache/activemq-artemis/pull/1695
I think expected JMS behaviour is more important.
Persistence is about if the message should be persistent during broker
restart/failure for broker side perfomance. It shouldn't change the behaviour
of the client in regards to exceptions.
Like wise as a user you would expect client side exception by default (spec
or no-spec).
When checking other vendors (We checked out other two brokers) and also
5.x, exception on send to the broker is thrown back to the client with
non-persistent. (e.g. no difference between persistent or not in these case)
I think this is particularly important for anyone migrating (and pertinent
with regards to 5.X users moving) that they would still get JMS exceptions on
send and not get any surprises that they don't get them.
FYI this is what we are doing, migrating from several different brokers
onto Artemis.
On the note of performance (as you may be aware or not) we do care for
performance (throughput and latency) in our brokers due to nature of the
business, but expected behaviour (aka no shocks) is more important. On that
note we actually did do some tests and found produce to consume latency reduced
per message.
Like wise for those really wanting it and willing to sacrifice no client
side exceptions they still can set this to false consciously, but the point is
the default should be that users do expect them, and probably should get such
surprises.
> JMS MessageProducer fails to throw security exception on send when message is
> sent non-persistent, but not authorised
> ---------------------------------------------------------------------------------------------------------------------
>
> Key: ARTEMIS-1545
> URL: https://issues.apache.org/jira/browse/ARTEMIS-1545
> Project: ActiveMQ Artemis
> Issue Type: Bug
> Reporter: Michael Andre Pearce
>
> When sending persistent, behaviour is as expected and a Security exception is
> thrown. The same behaviour should be expected when sending non-persistent, by
> default.
> This can be recreated easily by the following:
> Add the following security section , that means guest is not auth'd to send
> to "guest.cannot.send"
> activemq-artemis/tests/jms-tests/src/test/resources/broker.xml
> <security-setting match="guest.cannot.send">
> <permission type="createDurableQueue" roles="guest,def"/>
> <permission type="deleteDurableQueue" roles="guest,def"/>
> <permission type="createNonDurableQueue" roles="guest,def"/>
> <permission type="deleteNonDurableQueue" roles="guest,def"/>
> <permission type="consume" roles="guest,def"/>
> <permission type="browse" roles="guest,def"/>
> <permission type="send" roles="def"/>
> </security-setting>
> Then add the following tests to this test (first is proving exception
> correctly is thrown when persistent is sent using jms api, and second shows
> behaviour difference and no error):
> activemq-artemis/tests/jms-tests/src/test/java/org/apache/activemq/artemis/jms/tests/SecurityTest.java
> /**
> * Login with valid user and password
> * But try send to address not authorised - Persistent
> * Should not allow and should throw exception
> */
> @Test
> public void testLoginValidUserAndPasswordButNotAuthorisedToSend() throws
> Exception {
> ConnectionFactory connectionFactory = new
> ActiveMQConnectionFactory("tcp://localhost:61616");
> Connection connection = connectionFactory.createConnection("guest",
> "guest");
> Session session = connection.createSession();
> Destination destination = session.createQueue("guest.cannot.send");
> MessageProducer messageProducer = session.createProducer(destination);
> try {
> messageProducer.send(session.createTextMessage("hello"));
> fail("JMSSecurityException expected as guest is not allowed to
> send");
> } catch (JMSSecurityException activeMQSecurityException){
> //pass
> }
> connection.close();
> }
> /**
> * Login with valid user and password
> * But try send to address not authorised - Non Persistent.
> * Should have same behaviour as Persistent with exception on send.
> */
> @Test
> public void
> testLoginValidUserAndPasswordButNotAuthorisedToSendNonPersistent() throws
> Exception {
> ConnectionFactory connectionFactory = new
> ActiveMQConnectionFactory("tcp://localhost:61616");
> Connection connection = connectionFactory.createConnection("guest",
> "guest");
> Session session = connection.createSession();
> Destination destination = session.createQueue("guest.cannot.send");
> MessageProducer messageProducer = session.createProducer(destination);
> messageProducer.setDeliveryMode(DeliveryMode.NON_PERSISTENT);
> try {
> messageProducer.send(session.createTextMessage("hello"));
> fail("JMSSecurityException expected as guest is not allowed to
> send");
> } catch (JMSSecurityException activeMQSecurityException){
> //pass
> }
> connection.close();
> }
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
