[
https://issues.apache.org/jira/browse/AMQ-9627?focusedWorklogId=946197&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-946197
]
ASF GitHub Bot logged work on AMQ-9627:
---------------------------------------
Author: ASF GitHub Bot
Created on: 29/Nov/24 23:36
Start Date: 29/Nov/24 23:36
Worklog Time Spent: 10m
Work Description: Nikita-Shupletsov commented on code in PR #1358:
URL: https://github.com/apache/activemq/pull/1358#discussion_r1863993226
##########
activemq-broker/src/main/java/org/apache/activemq/security/SimpleCachedLDAPAuthorizationMap.java:
##########
@@ -936,7 +936,11 @@ public void namingExceptionThrown(NamingExceptionEvent
namingExceptionEvent) {
// Init / Destroy
public void afterPropertiesSet() throws Exception {
- query();
+ try {
+ query();
+ } catch (Exception e) {
+ LOG.error("Error updating authorization map. Partial policy may
be applied until the next successful update.", e);
Review Comment:
I copied the existing error message from
https://github.com/apache/activemq/blob/main/activemq-broker/src/main/java/org/apache/activemq/security/SimpleCachedLDAPAuthorizationMap.java#L679
please let me know what you think
Issue Time Tracking
-------------------
Worklog Id: (was: 946197)
Time Spent: 20m (was: 10m)
> Broker will not start if cachedLDAPAuthorizationMap is used and LDAP server
> is unavailable
> -------------------------------------------------------------------------------------------
>
> Key: AMQ-9627
> URL: https://issues.apache.org/jira/browse/AMQ-9627
> Project: ActiveMQ Classic
> Issue Type: Bug
> Reporter: Nikita Shupletsov
> Priority: Minor
> Time Spent: 20m
> Remaining Estimate: 0h
>
> When cachedLDAPAuthorizationMap is used and LDAP is down, the broker will not
> start and fail with the following exception:
>
> {{org.springframework.beans.factory.BeanCreationException: Error creating
> bean with name 'org.apache.activemq.xbean.XBeanBrokerService#0' defined in
> class path resource
> [org/apache/activemq/security/activemq-ldap-cached-map.xml]: Cannot create
> inner bean 'authorizationPlugin#674658f7' of type
> [org.apache.activemq.security.AuthorizationPlugin] while setting bean
> property 'plugins' with key [1]}}
> {{ at
> org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveInnerBeanValue(BeanDefinitionValueResolver.java:421)}}
> {{ at
> org.springframework.beans.factory.support.BeanDefinitionValueResolver.lambda$resolveValueIfNecessary$0(BeanDefinitionValueResolver.java:149)}}
> {{ at
> org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveInnerBean(BeanDefinitionValueResolver.java:262)}}
> {{ at
> org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:148)}}
> {{ at
> org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveManagedList(BeanDefinitionValueResolver.java:460)}}
> {{ at
> org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:191)}}
> {{ at
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1705)}}
> {{ at
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1454)}}
> {{ at
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:599)}}
> {{ at
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:522)}}
> {{ at
> org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:337)}}
> {{ at
> org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:234)}}
> {{ at
> org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:335)}}
> {{ at
> org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:200)}}
> {{ at
> org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:975)}}
> {{ at
> org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:971)}}
> {{ at
> org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:625)}}
> {{ at
> org.apache.xbean.spring.context.ResourceXmlApplicationContext.<init>(ResourceXmlApplicationContext.java:64)}}
> {{ at
> org.apache.xbean.spring.context.ResourceXmlApplicationContext.<init>(ResourceXmlApplicationContext.java:52)}}
> {{ at
> org.apache.activemq.xbean.XBeanBrokerFactory$1.<init>(XBeanBrokerFactory.java:104)}}
> {{ at
> org.apache.activemq.xbean.XBeanBrokerFactory.createApplicationContext(XBeanBrokerFactory.java:104)}}
> {{ at
> org.apache.activemq.xbean.XBeanBrokerFactory.createBroker(XBeanBrokerFactory.java:67)}}
> {{ at
> org.apache.activemq.broker.BrokerFactory.createBroker(BrokerFactory.java:71)}}
> {{ at
> org.apache.activemq.broker.BrokerFactory.createBroker(BrokerFactory.java:54)}}
> {{ at
> org.apache.activemq.broker.BrokerFactory.createBroker(BrokerFactory.java:85)}}
> {{ at
> org.apache.activemq.security.LdapCachedLDAPAuthorizationMapTest.testStartBrokerWhenLdapServerIsUnreachable(LdapCachedLDAPAuthorizationMapTest.java:21)}}
> {{ at
> java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:103)}}
> {{ at java.base/java.lang.reflect.Method.invoke(Method.java:580)}}
> {{ at
> org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:59)}}
> {{ at
> org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12)}}
> {{ at
> org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:56)}}
> {{ at
> org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17)}}
> {{ at
> org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:27)}}
> {{ at org.junit.runners.ParentRunner$3.evaluate(ParentRunner.java:306)}}
> {{ at
> org.junit.runners.BlockJUnit4ClassRunner$1.evaluate(BlockJUnit4ClassRunner.java:100)}}
> {{ at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:366)}}
> {{ at
> org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:103)}}
> {{ at
> org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:63)}}
> {{ at org.junit.runners.ParentRunner$4.run(ParentRunner.java:331)}}
> {{ at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:79)}}
> {{ at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:329)}}
> {{ at org.junit.runners.ParentRunner.access$100(ParentRunner.java:66)}}
> {{ at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:293)}}
> {{ at org.junit.runners.ParentRunner$3.evaluate(ParentRunner.java:306)}}
> {{ at org.junit.runners.ParentRunner.run(ParentRunner.java:413)}}
> {{ at
> org.apache.maven.surefire.junit4.JUnit4Provider.execute(JUnit4Provider.java:316)}}
> {{ at
> org.apache.maven.surefire.junit4.JUnit4Provider.executeWithRerun(JUnit4Provider.java:240)}}
> {{ at
> org.apache.maven.surefire.junit4.JUnit4Provider.executeTestSet(JUnit4Provider.java:214)}}
> {{ at
> org.apache.maven.surefire.junit4.JUnit4Provider.invoke(JUnit4Provider.java:155)}}
> {{ at
> org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:385)}}
> {{ at
> org.apache.maven.surefire.booter.ForkedBooter.execute(ForkedBooter.java:162)}}
> {{ at
> org.apache.maven.surefire.booter.ForkedBooter.run(ForkedBooter.java:507)}}
> {{ at
> org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:495)}}
> {{Caused by: org.springframework.beans.factory.BeanCreationException: Error
> creating bean with name 'authorizationPlugin#674658f7' defined in class path
> resource [org/apache/activemq/security/activemq-ldap-cached-map.xml]: Cannot
> create inner bean '(inner bean)#68ace111' of type
> [org.apache.activemq.security.CachedLDAPAuthorizationMap] while setting
> constructor argument}}
> {{ at
> org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveInnerBeanValue(BeanDefinitionValueResolver.java:421)}}
> {{ at
> org.springframework.beans.factory.support.BeanDefinitionValueResolver.lambda$resolveValueIfNecessary$1(BeanDefinitionValueResolver.java:153)}}
> {{ at
> org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveInnerBean(BeanDefinitionValueResolver.java:262)}}
> {{ at
> org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:152)}}
> {{ at
> org.springframework.beans.factory.support.ConstructorResolver.resolveConstructorArguments(ConstructorResolver.java:682)}}
> {{ at
> org.springframework.beans.factory.support.ConstructorResolver.autowireConstructor(ConstructorResolver.java:203)}}
> {{ at
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.autowireConstructor(AbstractAutowireCapableBeanFactory.java:1375)}}
> {{ at
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1212)}}
> {{ at
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:562)}}
> {{ at
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:522)}}
> {{ at
> org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveInnerBeanValue(BeanDefinitionValueResolver.java:407)}}
> {{ ... 52 more}}
> {{Caused by: org.springframework.beans.factory.BeanCreationException: Error
> creating bean with name '(inner bean)#68ace111' defined in class path
> resource [org/apache/activemq/security/activemq-ldap-cached-map.xml]:
> localhost:1024}}
> {{ at
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1806)}}
> {{ at
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:600)}}
> {{ at
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:522)}}
> {{ at
> org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveInnerBeanValue(BeanDefinitionValueResolver.java:407)}}
> {{ ... 62 more}}
> {{Caused by: javax.naming.CommunicationException: localhost:1024 [Root
> exception is java.net.ConnectException: Connection refused]}}
> {{ at
> java.naming/com.sun.jndi.ldap.Connection.<init>(Connection.java:253)}}
> {{ at
> java.naming/com.sun.jndi.ldap.LdapClient.<init>(LdapClient.java:141)}}
> {{ at
> java.naming/com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1620)}}
> {{ at java.naming/com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2848)}}
> {{ at java.naming/com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:349)}}
> {{ at
> java.naming/com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxFromUrl(LdapCtxFactory.java:229)}}
> {{ at
> java.naming/com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:189)}}
> {{ at
> java.naming/com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:247)}}
> {{ at
> java.naming/com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:154)}}
> {{ at
> java.naming/com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:84)}}
> {{ at
> java.naming/javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:520)}}
> {{ at
> java.naming/javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:305)}}
> {{ at
> java.naming/javax.naming.InitialContext.init(InitialContext.java:236)}}
> {{ at
> java.naming/javax.naming.InitialContext.<init>(InitialContext.java:208)}}
> {{ at
> java.naming/javax.naming.directory.InitialDirContext.<init>(InitialDirContext.java:130)}}
> {{ at
> org.apache.activemq.security.SimpleCachedLDAPAuthorizationMap.createContext(SimpleCachedLDAPAuthorizationMap.java:142)}}
> {{ at
> org.apache.activemq.security.SimpleCachedLDAPAuthorizationMap.open(SimpleCachedLDAPAuthorizationMap.java:172)}}
> {{ at
> org.apache.activemq.security.SimpleCachedLDAPAuthorizationMap.query(SimpleCachedLDAPAuthorizationMap.java:227)}}
> {{ at
> org.apache.activemq.security.SimpleCachedLDAPAuthorizationMap.afterPropertiesSet(SimpleCachedLDAPAuthorizationMap.java:939)}}
> {{ at
> org.apache.activemq.security.CachedLDAPAuthorizationMap.afterPropertiesSet(CachedLDAPAuthorizationMap.java:34)}}
> {{ at
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeInitMethods(AbstractAutowireCapableBeanFactory.java:1853)}}
> {{ at
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1802)}}
> {{ ... 65 more}}
> {{Caused by: java.net.ConnectException: Connection refused}}
> {{ at java.base/sun.nio.ch.Net.connect0(Native Method)}}
> {{ at java.base/sun.nio.ch.Net.connect(Net.java:589)}}
> {{ at java.base/sun.nio.ch.Net.connect(Net.java:578)}}
> {{ at java.base/sun.nio.ch.NioSocketImpl.connect(NioSocketImpl.java:583)}}
> {{ at
> java.base/java.net.SocksSocketImpl.connect(SocksSocketImpl.java:327)}}
> {{ at java.base/java.net.Socket.connect(Socket.java:751)}}
> {{ at java.base/java.net.Socket.connect(Socket.java:686)}}
> {{ at java.base/java.net.Socket.<init>(Socket.java:555)}}
> {{ at java.base/java.net.Socket.<init>(Socket.java:324)}}
> {{ at
> java.base/javax.net.DefaultSocketFactory.createSocket(SocketFactory.java:267)}}
> {{ at
> java.naming/com.sun.jndi.ldap.Connection.createConnectionSocket(Connection.java:341)}}
> {{ at
> java.naming/com.sun.jndi.ldap.Connection.createSocket(Connection.java:285)}}
> {{ at
> java.naming/com.sun.jndi.ldap.Connection.<init>(Connection.java:232)}}
> {{ ... 86 more}}
>
> it's rather inconvenient, as cachedLDAPAuthorizationMap is usually used to
> avoid issues with the LDAP server being not always available
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
For further information, visit: https://activemq.apache.org/contact
