[jira] [Updated] (ARTEMIS-2344) [AMQP] Broker does not send security errors for unauthorized anonymous sasl

clebert suconic (JIRA) Thu, 30 May 2019 10:45:11 -0700


     [ 
https://issues.apache.org/jira/browse/ARTEMIS-2344?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


clebert suconic updated ARTEMIS-2344:
-------------------------------------
    Fix Version/s: 2.9.0

> [AMQP] Broker does not send security errors for unauthorized anonymous sasl
> ---------------------------------------------------------------------------
>
>                 Key: ARTEMIS-2344
>                 URL: https://issues.apache.org/jira/browse/ARTEMIS-2344
>             Project: ActiveMQ Artemis
>          Issue Type: Bug
>          Components: AMQP
>    Affects Versions: 2.8.0, 2.8.1
>            Reporter: Domenico Bruscino
>            Priority: Major
>             Fix For: 2.9.0
>
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> When user attempts unauthorized anonymous sasl, using AMQP protocol, the 
> broker can return an internal error ("amqp:internal-error") instead of the 
> security error ("amqp:unauthorized-access") that is expected in these cases.
>  
> Source code to reproduce the issue using test 
> testNoUserOrPasswordWithoutSaslRestrictions:
> https://github.com/brusdev/activemq-artemis/blob/amqp_security_error/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/amqp/JMSConnectionWithSecurityTest.java



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Updated] (ARTEMIS-2344) [AMQP] Broker does not send security errors for unauthorized anonymous sasl

Reply via email to