[
https://issues.apache.org/jira/browse/ARTEMIS-3205?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17307867#comment-17307867
]
Domenico Francesco Bruscino commented on ARTEMIS-3205:
------------------------------------------------------
You don't need an admin user to execute a JMX operation, you can configure the
authorizations for JMX in the management.xml file, see the documentation[1] or
ask to [email protected] mailing list for further details.
[1]
https://activemq.apache.org/components/artemis/documentation/latest/management.html#configuring-jmx
> Scheduled messages should not require management user
> -----------------------------------------------------
>
> Key: ARTEMIS-3205
> URL: https://issues.apache.org/jira/browse/ARTEMIS-3205
> Project: ActiveMQ Artemis
> Issue Type: Improvement
> Components: ActiveMQ-Artemis-Native
> Affects Versions: 2.17.0
> Reporter: Stefan
> Assignee: Clebert Suconic
> Priority: Major
> Labels: security
>
> We are currently trying to implement a scheduled message use-case with
> Artemis where deleting scheduled messages is sometimes necessary.
> However, we could not find any solution to dequeue scheduled messages before
> they are routed to the queue without using a management user (i.e. via
> QueueControl or JMX-Operations).
> Is this the only way it can be done in Artemis?
> We have concerns about this configuration, because our client implementation
> needs admin user rights to handle 'simple' CRUD operations. Regarding DB
> clients, this is a common antipattern.
> Shouldn't this also be possible for standard users for reasons of security?
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
