[jira] [Commented] (AMQ-9475) ConsumerControl commands for wildcard consumers should not auto-create destinations

ASF subversion and git services (Jira) Thu, 11 Apr 2024 03:56:13 -0700


    [ 
https://issues.apache.org/jira/browse/AMQ-9475?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17836114#comment-17836114
 ]


ASF subversion and git services commented on AMQ-9475:
------------------------------------------------------

Commit c8f0419fff316ec7737b1707f5045d3166c0a61e in activemq's branch 
refs/heads/main from Christopher L. Shannon
[ https://gitbox.apache.org/repos/asf?p=activemq.git;h=c8f0419ff ]

AMQ-9475 - ConsumerControl commands should not auto create wildcard
dests

This fixes an issue where wildcard destinations could be inadvertently
created by ConsumerControl commands which could lead to problems. The
processing logic for this command now will only look up existing
destinations if they exist.


> ConsumerControl commands for wildcard consumers should not auto-create 
> destinations
> -----------------------------------------------------------------------------------
>
>                 Key: AMQ-9475
>                 URL: https://issues.apache.org/jira/browse/AMQ-9475
>             Project: ActiveMQ Classic
>          Issue Type: Bug
>            Reporter: Christopher L. Shannon
>            Assignee: Christopher L. Shannon
>            Priority: Major
>             Fix For: 6.2.0, 5.18.5, 6.1.2
>
>          Time Spent: 50m
>  Remaining Estimate: 0h
>
> While investigating AMQ-9472, it was 
> [pointed|https://github.com/apache/activemq/pull/1198#issuecomment-2046523027]
>  out in some cases (like with Stomp) wildcard destinations that do not exist 
> could be auto created on subscribe which besides creating the extra 
> destination, can also lead to errors if proper ACLs are not set up.
> As 
> [pointed|https://github.com/apache/activemq/pull/1198#issuecomment-2047625950]
>  out, the bug here is that wildcard destinations should not be auto-created 
> just by subscribing using a wildcard. There is a check for this in 
> [addConsumer()|https://github.com/apache/activemq/blob/e025e443e65d4bd3c2c27f11d6caa7bfbd2c9626/activemq-broker/src/main/java/org/apache/activemq/broker/region/AbstractRegion.java#L344-L346]
>  but 
> [processConsumerControl()|https://github.com/apache/activemq/blob/e025e443e65d4bd3c2c27f11d6caa7bfbd2c9626/activemq-broker/src/main/java/org/apache/activemq/broker/region/AbstractRegion.java#L694]
>  does not have the checks. So any time that command is sent (like prefetch 
> update) this could be an issue.
> This can be fixed by only looking up destinations that are wildcards and not 
> auto creating them when processing consumer control objects just like 
> addConsumer() does.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (AMQ-9475) ConsumerControl commands for wildcard consumers should not auto-create destinations

Reply via email to