[jira] [Commented] (AMQ-9475) ConsumerControl commands for wildcard consumers should not auto-create destinations

ASF subversion and git services (Jira) Thu, 11 Apr 2024 04:15:02 -0700


    [ 
https://issues.apache.org/jira/browse/AMQ-9475?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17836119#comment-17836119
 ]


ASF subversion and git services commented on AMQ-9475:
------------------------------------------------------

Commit a37c111a7522ab0307fc2bba877ce820538f5c3c in activemq's branch 
refs/heads/activemq-5.18.x from Christopher L. Shannon
[ https://gitbox.apache.org/repos/asf?p=activemq.git;h=a37c111a7 ]

AMQ-9475 - ConsumerControl commands should not auto create wildcard
dests

This fixes an issue where wildcard destinations could be inadvertently
created by ConsumerControl commands which could lead to problems. The
processing logic for this command now will only look up existing
destinations if they exist.


> ConsumerControl commands for wildcard consumers should not auto-create 
> destinations
> -----------------------------------------------------------------------------------
>
>                 Key: AMQ-9475
>                 URL: https://issues.apache.org/jira/browse/AMQ-9475
>             Project: ActiveMQ Classic
>          Issue Type: Bug
>            Reporter: Christopher L. Shannon
>            Assignee: Christopher L. Shannon
>            Priority: Major
>             Fix For: 6.2.0, 5.18.5, 6.1.2
>
>          Time Spent: 50m
>  Remaining Estimate: 0h
>
> While investigating AMQ-9472, it was 
> [pointed|https://github.com/apache/activemq/pull/1198#issuecomment-2046523027]
>  out in some cases (like with Stomp) wildcard destinations that do not exist 
> could be auto created on subscribe which besides creating the extra 
> destination, can also lead to errors if proper ACLs are not set up.
> As 
> [pointed|https://github.com/apache/activemq/pull/1198#issuecomment-2047625950]
>  out, the bug here is that wildcard destinations should not be auto-created 
> just by subscribing using a wildcard. There is a check for this in 
> [addConsumer()|https://github.com/apache/activemq/blob/e025e443e65d4bd3c2c27f11d6caa7bfbd2c9626/activemq-broker/src/main/java/org/apache/activemq/broker/region/AbstractRegion.java#L344-L346]
>  but 
> [processConsumerControl()|https://github.com/apache/activemq/blob/e025e443e65d4bd3c2c27f11d6caa7bfbd2c9626/activemq-broker/src/main/java/org/apache/activemq/broker/region/AbstractRegion.java#L694]
>  does not have the checks. So any time that command is sent (like prefetch 
> update) this could be an issue.
> This can be fixed by only looking up destinations that are wildcards and not 
> auto creating them when processing consumer control objects just like 
> addConsumer() does.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (AMQ-9475) ConsumerControl commands for wildcard consumers should not auto-create destinations

Reply via email to