[jira] [Commented] (ARTEMIS-4090) Artemis Web Console Does Not Use User Cert on sendMessage

Fri, 11 Nov 2022 09:17:04 -0800 


    [ 
https://issues.apache.org/jira/browse/ARTEMIS-4090?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17632477#comment-17632477
 ] 

Justin Bertram commented on ARTEMIS-4090:
-----------------------------------------

[~brusdev], you're right. Do you plan on resuming work on your draft PR at some 
point?

> Artemis Web Console Does Not Use User Cert on sendMessage
> ---------------------------------------------------------
>
>                 Key: ARTEMIS-4090
>                 URL: https://issues.apache.org/jira/browse/ARTEMIS-4090
>             Project: ActiveMQ Artemis
>          Issue Type: Bug
>            Reporter: Brandon Stradling
>            Priority: Major
>
> After configuring Artemis ActiveMQ Web console to use certs to authenticate 
> users, attempting to send a message from the console results in error.
>  
> Web Console Error: "Could not send message: java.lang.IllegalStateException : 
> AMQ229031: Unable to validate user from Management. Username: public; SSL 
> certificate subject DN: unavailable"
>  
> Receiving exception that certs[] is null from:
>          throw new LoginException("Client certificates not found. Cannot 
> authenticate.");
> [https://github.com/apache/activemq-artemis/blob/5ebaebdfa3830f9ac075137aefb77d78f2d8bc7a/artemis-server/src/main/java/org/apache/activemq/artemis/spi/core/security/jaas/TextFileCertificateLoginModule.java#L75]
>  
> From what I can assess, hawt.io Authenticator passes users certs via the 
> incoming HttpRequest.  My best guess is that the sendMessageService class 
> does not grab and pass the user's cert when attempting to doSendMessage.
> this.jolokia.execute(mbean, "sendMessage(java.util.Map, int, 
> java.lang.String, boolean, java.lang.String, java.lang.String, boolean)", 
> headers, type, body, durable, user, pwd, createMessageId, 
> Core.onSuccess(this.operationSuccess(), \{ error: this.onError 
> }));Core.$apply(this.scope);}}};}})(Artemis || (Artemis = {}));
> [https://github.com/apache/activemq-artemis/blob/42529899d01df63c4aea5f562a2db8058a455a5e/artemis-hawtio/artemis-plugin/src/main/webapp/plugin/js/services/sendMessageService.js#L155]
>  
> Please add support for cert-based message sending from the Web Console.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to