[
https://issues.apache.org/jira/browse/ARTEMIS-4969?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17871269#comment-17871269
]
ASF subversion and git services commented on ARTEMIS-4969:
----------------------------------------------------------
Commit be4995a530f09fb3fec44c8174f1c015fabc45d9 in activemq-artemis's branch
refs/heads/main from Timothy Bish
[ https://gitbox.apache.org/repos/asf?p=activemq-artemis.git;h=be4995a530 ]
ARTEMIS-4969 Ensure AMQP senders can target FQQN if authorized
When using targeted FQQN permissions the AMQP sender needs to check that
it can access not only the address but also the queue if sent an FQQN so
that the security can validate if the sender has been granted directed
access to the FQQN as a whole.
> FQQN Security settings not honored when an AMQP Sender attaches
> ---------------------------------------------------------------
>
> Key: ARTEMIS-4969
> URL: https://issues.apache.org/jira/browse/ARTEMIS-4969
> Project: ActiveMQ Artemis
> Issue Type: Bug
> Components: AMQP
> Affects Versions: 2.36.0
> Reporter: Timothy A. Bish
> Assignee: Timothy A. Bish
> Priority: Major
> Fix For: 2.37.0
>
> Time Spent: 40m
> Remaining Estimate: 0h
>
> When an AMQP sender link is attaching with an FQQN in the target address the
> initialization code is not checking fully if the sender has specifically
> granted FQQN access and can fail the attach in error. Instead of just
> checking the FQQN address portion of the target addres both the FQQN address
> and queue should be checked with the security store so that the link attach
> can complete when authorized. This was addressed for Core clients in
> ARTEMIS-4580
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
For further information, visit: https://activemq.apache.org/contact
