[
https://issues.apache.org/jira/browse/AMQ-9241?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
ncasaux updated AMQ-9241:
-------------------------
Description:
Hello,
I'm facing the following issue:
* I have a user {{myuser who have read access to the queue myqueue.}}
* The user connects to {{ws://localhost:61614}} with a websocket client.
* The user connects via STOMP with:
*
**
CONNECT\nlogin:myuser\npasscode:myuser\naccept-version:1.2,1.1,1.0\nheart-beat:20000,20000\n\n\0
* The user subscribes to the queue with client acknowledgment mode:
** {{SUBSCRIBE\nid:sub-0\ndestination:myqueue\nack:client\n\n\0}}
* When a message arrives on the queue, the message is received by the client
* When the client sends a NACK command, it get following error:
{{Failed to schedule redelivery for:
ID:ITEM-S134480-65273-1680694344960-7:1:1:1:2}}
The server has following error:
{{java.lang.SecurityException: User myuser is not authorized to write to:
queue://myqueue}}
This error does not really make sense to me, I don't understand why this
authorization is required.
I attached a screenshot of my websocket client (dwst.io), the configuration
files I add to modify to reproduce the test with a 5.17.4 vanilla Broker, and
the stacktrace.
was:
Hello,
I'm facing the following issue:
* I have a user {{myuser }}who have read access to the queue {{myqueue.}}
* The user connects to {{ws://localhost:61614}} with a websocket client.
* The user connects via STOMP with:
*
**
CONNECT\nlogin:myuser\npasscode:myuser\naccept-version:1.2,1.1,1.0\nheart-beat:20000,20000\n\n\0
* The user subscribes to the queue with client acknowledgment mode:
** {{SUBSCRIBE\nid:sub-0\ndestination:myqueue\nack:client\n\n\0}}
* When a message arrives on the queue, the message is received by the client
* When the client sends a NACK command, it get following error:
{{Failed to schedule redelivery for:
ID:ITEM-S134480-65273-1680694344960-7:1:1:1:2}}
The server has following error:
{{java.lang.SecurityException: User myuser is not authorized to write to:
queue://myqueue}}
This error does not really make sense to me, I don't understand why this
authorization is required.
I attached a screenshot of my websocket client (dwst.io), the configuration
files I add to modify to reproduce the test with a 5.17.4 vanilla Broker, and
the stacktrace.
> issue with NACK, redelivery and authorization
> ---------------------------------------------
>
> Key: AMQ-9241
> URL: https://issues.apache.org/jira/browse/AMQ-9241
> Project: ActiveMQ
> Issue Type: Bug
> Affects Versions: 5.16.3, 5.17.4
> Reporter: ncasaux
> Priority: Major
> Attachments: StompNACKError.png, StompNACKStackTrace.txt,
> activemq.xml, credentials.properties, groups.properties, users.properties
>
>
> Hello,
> I'm facing the following issue:
> * I have a user {{myuser who have read access to the queue myqueue.}}
> * The user connects to {{ws://localhost:61614}} with a websocket client.
> * The user connects via STOMP with:
> *
> **
> CONNECT\nlogin:myuser\npasscode:myuser\naccept-version:1.2,1.1,1.0\nheart-beat:20000,20000\n\n\0
> * The user subscribes to the queue with client acknowledgment mode:
> ** {{SUBSCRIBE\nid:sub-0\ndestination:myqueue\nack:client\n\n\0}}
> * When a message arrives on the queue, the message is received by the client
> * When the client sends a NACK command, it get following error:
> {{Failed to schedule redelivery for:
> ID:ITEM-S134480-65273-1680694344960-7:1:1:1:2}}
> The server has following error:
> {{java.lang.SecurityException: User myuser is not authorized to write to:
> queue://myqueue}}
> This error does not really make sense to me, I don't understand why this
> authorization is required.
> I attached a screenshot of my websocket client (dwst.io), the configuration
> files I add to modify to reproduce the test with a 5.17.4 vanilla Broker, and
> the stacktrace.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
