Chris Krusch created AMQ-8599:
---------------------------------
Summary: cachedLDAPAuthorizationMap - Security failures following
LDAP Connection failures
Key: AMQ-8599
URL: https://issues.apache.org/jira/browse/AMQ-8599
Project: ActiveMQ
Issue Type: Bug
Components: Security/JAAS
Affects Versions: 5.16.4
Environment: ActiveMQ Classic 5.16.4
Configured for LDAP authentication via jaas, loading of authorization data via
cachedLDAPauthorizationMap module
We realized when submitting this that our refreshInterval=900 is way too short
but may explain why the problem only lasted for 15 seconds. We'll be updating
it to 300,000 (5 min) shortly...
Reporter: Chris Krusch
Attachments: cachedLDAPauthorization-Config.txt,
cachedLDAPauthorization-Logs.txt
Authorization errors occurred for a period of time (15 seconds) following a
failed LDAP connection in cachedLDAPAuthorizationMap. Query interval is set to
5 minutes.
Log files showing behaviour and associated configuration will be attached.
Difficult to produce a test that can simulate the LDAP failure and resulting
behaviour.
My understanding is the module should continue with the previously loaded
authorization maps if any errors are encountered loading a new configuration,
so opening as a possible bug.
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
