[
https://issues.apache.org/jira/browse/ARTEMIS-1545?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16566753#comment-16566753
]
ASF GitHub Bot commented on ARTEMIS-1545:
-----------------------------------------
Github user jbertram commented on a diff in the pull request:
https://github.com/apache/activemq-artemis/pull/2187#discussion_r207218441
--- Diff:
artemis-core-client/src/main/java/org/apache/activemq/artemis/core/protocol/core/impl/ActiveMQSessionContext.java
---
@@ -189,16 +185,24 @@ public void kill() {
this.killed = true;
}
+ private void setHandlers() {
+
sessionChannel.setCommandConfirmationHandler(commandConfirmationHandler);
--- End diff --
I realize that your original intent was that either the confirmation or the
response handler would be set here rather than both, and this is definitely the
reason for the duplicate confirmation. However, I couldn't determine any other
way to maintain compatibility with existing bridge behavior without setting
both. If this method is changed back to your original semantic (i.e. only set
one) then lots of tests in
org.apache.activemq.artemis.tests.integration.cluster.bridge.BridgeTest fail.
org.apache.activemq.artemis.tests.integration.client.SendAckFailTest was broken
at some point as well. I will certainly admit that my solution here isn't the
most elegant, but I haven't found a more clever way of dealing with the failing
tests. I think eventually the whole confirmation implementation should be
refactored to deal with these issues, but I don't see how that's feasible in a
minor release.
> JMS MessageProducer fails to expose exception on send when message is sent
> non-persistent, but not authorised
> -------------------------------------------------------------------------------------------------------------
>
> Key: ARTEMIS-1545
> URL: https://issues.apache.org/jira/browse/ARTEMIS-1545
> Project: ActiveMQ Artemis
> Issue Type: Bug
> Reporter: Michael Andre Pearce
> Priority: Major
>
> When sending persistent, behaviour is blocking and a Security exception is
> thrown. The same behaviour that the client is exposed to the client when
> sending non-persistent, so that a client could log or take action
> asynchronously.
> This can be recreated easily by the following:
> Add the following security section , that means guest is not auth'd to send
> to "guest.cannot.send"
> activemq-artemis/tests/jms-tests/src/test/resources/broker.xml
> <security-setting match="guest.cannot.send">
> <permission type="createDurableQueue" roles="guest,def"/>
> <permission type="deleteDurableQueue" roles="guest,def"/>
> <permission type="createNonDurableQueue" roles="guest,def"/>
> <permission type="deleteNonDurableQueue" roles="guest,def"/>
> <permission type="consume" roles="guest,def"/>
> <permission type="browse" roles="guest,def"/>
> <permission type="send" roles="def"/>
> </security-setting>
> Then add the following tests to this test (first is proving exception
> correctly is thrown when persistent is sent using jms api, and second shows
> behaviour difference and no error):
> activemq-artemis/tests/jms-tests/src/test/java/org/apache/activemq/artemis/jms/tests/SecurityTest.java
> /**
> * Login with valid user and password
> * But try send to address not authorised - Persistent
> * Should not allow and should throw exception
> */
> @Test
> public void testLoginValidUserAndPasswordButNotAuthorisedToSend() throws
> Exception {
> ConnectionFactory connectionFactory = new
> ActiveMQConnectionFactory("tcp://localhost:61616");
> Connection connection = connectionFactory.createConnection("guest",
> "guest");
> Session session = connection.createSession();
> Destination destination = session.createQueue("guest.cannot.send");
> MessageProducer messageProducer = session.createProducer(destination);
> try {
> messageProducer.send(session.createTextMessage("hello"));
> fail("JMSSecurityException expected as guest is not allowed to
> send");
> } catch (JMSSecurityException activeMQSecurityException){
> //pass
> }
> connection.close();
> }
> /**
> * Login with valid user and password
> * But try send to address not authorised - Non Persistent.
> * Should have same behaviour as Persistent with exception on send.
> */
> @Test
> public void
> testLoginValidUserAndPasswordButNotAuthorisedToSendNonPersistent() throws
> Exception {
> ConnectionFactory connectionFactory = new
> ActiveMQConnectionFactory("tcp://localhost:61616");
> Connection connection = connectionFactory.createConnection("guest",
> "guest");
> Session session = connection.createSession();
> Destination destination = session.createQueue("guest.cannot.send");
> MessageProducer messageProducer = session.createProducer(destination);
> messageProducer.setDeliveryMode(DeliveryMode.NON_PERSISTENT);
> try {
> messageProducer.send(session.createTextMessage("hello"));
> fail("JMSSecurityException expected as guest is not allowed to
> send");
> } catch (JMSSecurityException activeMQSecurityException){
> //pass
> }
> connection.close();
> }
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
