[
https://issues.apache.org/jira/browse/AMQ-7213?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Matt Pavlovich reassigned AMQ-7213:
-----------------------------------
Assignee: Matt Pavlovich
> Slave broker does not reload or initialized the configuration (activemq.xml)
> ----------------------------------------------------------------------------
>
> Key: AMQ-7213
> URL: https://issues.apache.org/jira/browse/AMQ-7213
> Project: ActiveMQ
> Issue Type: Bug
> Affects Versions: 5.14.0, 5.15.9
> Environment: ActiveMQ Version: 5.15.9
> Master-slave setup: Shared File System Master Slave
> Java application that is connecting to the ActiveMQ
> Reporter: Adrian Quiambao
> Assignee: Matt Pavlovich
> Priority: Major
>
> Hi, we're currently experiencing an issue with regards to master-slave setup.
> So the problem is when the current master broker becomes a slave and the
> slave broker becomes master, all users that were connected to the old master
> broker will try to connect to the new master broker. But it seems like that
> the permission of users was not carried over because we can see on our logs
> that:
>
> {code:java}
> //2019-05-17 10:35:45,823 | WARN | Security Error occurred on connection to:
> tcp://10.1.240.158:60302, User testaq5 is not authorized to write to:
> topic://testaq5.statistics |
> org.apache.activemq.broker.TransportConnection.Service | ActiveMQ Transport:
> tcp:///10.1.240.158:60302@61616
> 2019-05-17 10:35:46,310 | WARN | Security Error occurred on connection to:
> tcp://10.1.240.158:60302, User testaq5 is not authorized to read from:
> queue://testaq5.io.toro.integrate.Tracker |
> org.apache.activemq.broker.TransportConnection.Service | ActiveMQ Transport:
> tcp:///10.1.240.158:60302@61616
> 2019-05-17 10:35:46,311 | WARN | Security Error occurred on connection to:
> tcp://10.1.240.158:60302, User testaq5 is not authorized to read from:
> topic://testaq5.web-socket |
> org.apache.activemq.broker.TransportConnection.Service | ActiveMQ Transport:
> tcp:///10.1.240.158:60302@61616
> 2019-05-17 10:35:46,312 | WARN | Security Error occurred on connection to:
> tcp://10.1.240.158:60302, User testaq5 is not authorized to read from:
> queue://testaq5.io.toro.integrate.Monitor |
> org.apache.activemq.broker.TransportConnection.Service | ActiveMQ Transport:
> tcp:///10.1.240.158:60302@61616
> 2019-05-17 10:35:50,820 | WARN | Security Error occurred on connection to:
> tcp://10.1.240.158:60302, User testaq5 is not authorized to write to:
> topic://testaq5.statistics |
> org.apache.activemq.broker.TransportConnection.Service | ActiveMQ Transport:
> tcp:///10.1.240.158:60302@61616
> {code}
>
> To remove this error, we need to update a dummy user (authorization entry) on
> the "activemq.xml" of the new master broker then the runtime scheduler of
> ActiveMQ will be then triggered:
> {code:java}
> org.apache.activemq.plugin.RuntimeConfigurationBroker
> {code}
> This would then reinitialized all authorization entry on the new master
> broker.
>
> How to reproduce?
> # Run broker 1 and broker 2
> # Add security to broker 1's activemq.xml
> # Copy broker1's activemq.xml to broker 2
> # Start java application
> # Verify Java application can access broker 1
> # Stop broker 1 - java application connects to broker 2
> # Verify java application can access broker 2.
> On the Java application, this would be the error:
> {code:java}
> //Caused by: java.lang.SecurityException: User bong1 is not authorized to
> write to: topic://bong1.logs 843 at
> org.apache.activemq.security.AuthorizationBroker.addProducer(AuthorizationBroker.java:199)
> 844 at
> org.apache.activemq.broker.MutableBrokerFilter.addProducer(MutableBrokerFilter.java:113)
> 845 at
> org.apache.activemq.broker.TransportConnection.processAddProducer(TransportConnection.java:650)
> 846 at org.apache.activemq.command.ProducerInfo.visit(ProducerInfo.java:108)
> {code}
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
