[jira] [Commented] (ARTEMIS-1888) Add forceSSLParameters flag to core client to prefer local SSL properties over System properties

Fri, 25 May 2018 05:49:34 -0700 

    [ 
https://issues.apache.org/jira/browse/ARTEMIS-1888?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16490669#comment-16490669
 ] 

ASF GitHub Bot commented on ARTEMIS-1888:
-----------------------------------------

Github user clebertsuconic commented on the issue:

    https://github.com/apache/activemq-artemis/pull/2109
  
    Can I merge this after 2.6.1? it's adding a property to configuration.. so 
it doesn't really make it a micro release.
    
    I could cherry-pick commits but if I leave this out for now it would make 
life easier...
    
    
    Just one thing.. can you amend your commit messages as:
    
    ```
    ARTEMIS-1888 - Add forceSSLParameters flag to override system SSL properties
    
    If true the connection factory will prefer SSL settings set via the 
connector configuration vs system properties
    ```
    
    
    that is .. no line breaks on the first line especially.
    
    
    that would make it nicer on the git commit report.


> Add forceSSLParameters flag to core client to prefer local SSL properties 
> over System properties
> ------------------------------------------------------------------------------------------------
>
>                 Key: ARTEMIS-1888
>                 URL: https://issues.apache.org/jira/browse/ARTEMIS-1888
>             Project: ActiveMQ Artemis
>          Issue Type: Bug
>          Components: Broker
>    Affects Versions: 2.6.0
>            Reporter: Christopher L. Shannon
>            Assignee: Christopher L. Shannon
>            Priority: Major
>             Fix For: 2.7.0
>
>
> When doing some testing I noticed that the order of precedence for setting 
> SSL properties inside the core client NettyConnector is a bit backwards.  Any 
> javax.ssl property takes ultimate precedence and overrides a property that is 
> set locally in the configuration map.  This doesn't make sense to me and 
> makes it so you can't override settings (ie in the same JVM have two 
> different connections use different SSL settings if a global javax.ssl 
> property is already set).  There is a comment that mentions HORNETQ-680 as 
> where this change was made so. I'm not sure what side effects this will have 
> but I think this behavior is wrong and doesn't match how the 5.x client works.
> To fix this without breaking existing users, a new flag can be added called 
> {{forceSSLParameters}} which will signal to prefer local SSL settings over 
> any system property.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to