Timothy A. Bish created ARTEMIS-4963:
----------------------------------------
Summary: Reject openwire senders that lack SEND permissions on
attach
Key: ARTEMIS-4963
URL: https://issues.apache.org/jira/browse/ARTEMIS-4963
Project: ActiveMQ Artemis
Issue Type: Improvement
Components: OpenWire
Affects Versions: 2.36.0
Reporter: Timothy A. Bish
Assignee: Timothy A. Bish
Currently the Openwire producers are allowed to attach even when the named
destination(s) it requests don't offer send permissions to the logged in user
(the sends themselves are validated). The sends from these named or from
anonymous producers are checked for permission but only after such things as
conversion of the message to Core has happened which leads to unnecessary GC
overhead and wasted CPU cycles if the send is going to ultimately be rejected.
We should reject Openwire senders on attach (which is what the ActiveMQ
'Classic' broker does) and we should check send permissions prior to
unnecessarily converting messages to Core to reduce overhead from anonymous
senders that are sending into destinations they cannot write to. This change
doesn't introduce any new security but simply would respond more quickly and
efficiently than the current code would.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
For further information, visit: https://activemq.apache.org/contact
