[
https://issues.apache.org/jira/browse/ARTEMIS-5751?focusedWorklogId=991205&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-991205
]
ASF GitHub Bot logged work on ARTEMIS-5751:
-------------------------------------------
Author: ASF GitHub Bot
Created on: 11/Nov/25 22:50
Start Date: 11/Nov/25 22:50
Worklog Time Spent: 10m
Work Description: jbertram opened a new pull request, #6053:
URL: https://github.com/apache/activemq-artemis/pull/6053
(no comment)
Issue Time Tracking
-------------------
Worklog Id: (was: 991205)
Remaining Estimate: 0h
Time Spent: 10m
> Don't log stack-trace when MQTT 3.1.1 client isn't authorized to publish
> ------------------------------------------------------------------------
>
> Key: ARTEMIS-5751
> URL: https://issues.apache.org/jira/browse/ARTEMIS-5751
> Project: ActiveMQ Artemis
> Issue Type: Improvement
> Reporter: Justin Bertram
> Assignee: Justin Bertram
> Priority: Major
> Labels: pull-request-available
> Time Spent: 10m
> Remaining Estimate: 0h
>
> Currently if an MQTT 3.1.1 client attempts to publish a message when it isn't
> authorized to do so a stack-trace is logged, e.g.:
> {noformat}
> 2025-11-04 00:00:36,376 ERROR
> [org.apache.activemq.artemis.core.protocol.mqtt] AMQ834002: Error processing
> control packet:
> MqttPublishMessage[fixedHeader=MqttFixedHeader[messageType=PUBLISH,
> isDup=false, qosLevel=AT_LEAST_ONCE, isRetain=false, remainingLength=123],
> variableHeader=MqttPublishVariableHeader[topicName=my/topic, packetId=1],
> payload=PooledSlicedByteBuf(ridx: 0, widx: 123, cap: 123/123, unwrapped:
> PooledUnsafeDirectByteBuf(ridx: 123, widx: 123, cap: 123))]
> org.apache.activemq.artemis.api.core.ActiveMQSecurityException: AMQ229031:
> Unable to validate user from 1.2.3.4:123. Username: myUsername; SSL
> certificate subject DN: unavailable
> at
> org.apache.activemq.artemis.core.security.impl.SecurityStoreImpl.authenticationFailed(SecurityStoreImpl.java:448)
>
> at
> org.apache.activemq.artemis.core.security.impl.SecurityStoreImpl.check(SecurityStoreImpl.java:340)
>
> at
> org.apache.activemq.artemis.core.server.impl.ServerSessionImpl.securityCheck(ServerSessionImpl.java:515)
>
> at
> org.apache.activemq.artemis.core.server.impl.ServerSessionImpl.doSend(ServerSessionImpl.java:2318)
>
> at
> org.apache.activemq.artemis.core.server.impl.ServerSessionImpl.send(ServerSessionImpl.java:1948)
>
> at
> org.apache.activemq.artemis.core.server.impl.ServerSessionImpl.send(ServerSessionImpl.java:1887)
>
> at
> org.apache.activemq.artemis.core.protocol.mqtt.MQTTPublishManager.sendToQueue(MQTTPublishManager.java:241)
>
> at
> org.apache.activemq.artemis.core.protocol.mqtt.MQTTProtocolHandler.handlePublish(MQTTProtocolHandler.java:322)
>
> at
> org.apache.activemq.artemis.core.protocol.mqtt.MQTTProtocolHandler.act(MQTTProtocolHandler.java:164)
>
> at org.apache.activemq.artemis.utils.actors.Actor.doTask(Actor.java:32)
> at
> org.apache.activemq.artemis.utils.actors.ProcessorBase.executePendingTasks(ProcessorBase.java:68)
> at
> java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136)
> at
> java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635){noformat}
> We should conform to broker norms for logging authorization failures instead.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
For further information, visit: https://activemq.apache.org/contact
