[
https://issues.apache.org/jira/browse/ARTEMIS-2893?focusedWorklogId=485170&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-485170
]
ASF GitHub Bot logged work on ARTEMIS-2893:
-------------------------------------------
Author: ASF GitHub Bot
Created on: 16/Sep/20 14:11
Start Date: 16/Sep/20 14:11
Worklog Time Spent: 10m
Work Description: asfgit closed pull request #3253:
URL: https://github.com/apache/activemq-artemis/pull/3253
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
Issue Time Tracking
-------------------
Worklog Id: (was: 485170)
Time Spent: 20m (was: 10m)
> Concurrent user admin actions can corrupt properties
> ----------------------------------------------------
>
> Key: ARTEMIS-2893
> URL: https://issues.apache.org/jira/browse/ARTEMIS-2893
> Project: ActiveMQ Artemis
> Issue Type: Bug
> Reporter: Justin Bertram
> Assignee: Justin Bertram
> Priority: Major
> Time Spent: 20m
> Remaining Estimate: 0h
>
> When performing concurrent user admin actions (e.g. {{resetUser}},
> {{addUser}}, {{removeUser}} on {{ActiveMQServerControl}}) when using the
> {{PropertiesLoginModule}} with {{reload=true}} the underlying user and role
> properties files can get corrupted.
> Run this script:
> {code:java}
> #!/bin/bash
> for i in {1..5}
> do
> # remove myuser
> curl -k --user admin:admin -H "Origin: http://localhost:8161";
> "http://localhost:8161/console/jolokia/exec/org.apache.activemq.artemis:broker=%220.0.0.0%22/removeUser(java.lang.String)/myuser"
> &
>
> # create user 'myuser' with password 'mypassword'
> curl -k --user admin:admin -H "Origin: http://localhost:8161";
> "http://localhost:8161/console/jolokia/exec/org.apache.activemq.artemis:broker=%220.0.0.0%22/addUser(java.lang.String,java.lang.String,java.lang.String,boolean)/myuser/mypassword//false"
> &
>
> # add role 'myrole' to 'myuser'
> curl -k --user admin:admin -H "Origin: http://localhost:8161";
> "http://localhost:8161/console/jolokia/exec/org.apache.activemq.artemis:broker=%220.0.0.0%22/resetUser(java.lang.String,java.lang.String,java.lang.String)/myuser/mypassword/myrole"
> &
> # perform read operation as admin user, just to see if we can connect
> curl -k --user admin:admin -H "Origin: http://localhost:8161";
> "http://localhost:8161/console/jolokia/exec/org.apache.activemq.artemis:broker=%220.0.0.0%22/listNetworkTopology()"
> &
> done
> {code}
> Sometimes the following logs will be encountered in the broker (note that the
> test does not remove/add admin):
> {code:java}
> 2020-09-01 14:35:28,398 WARN [io.hawt.system.Authenticator] Login failed due
> to: User does not exist: admin{code}
> The script may need to be run multiple times to trigger the {{WARN}}.
> Examination, in this case, of artemis-roles.properties shows:
> {code:java}
> $ cat etc/artemis-roles.properties | grep -v '#'
> amq = admin
> = myuser
> {code}
> Multiple variations of the corruption may occur.
>
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
