jbertram commented on code in PR #6396:
URL: https://github.com/apache/artemis/pull/6396#discussion_r3173838472
##########
artemis-server/src/main/java/org/apache/activemq/artemis/core/server/cluster/ClusterController.java:
##########
@@ -407,11 +407,19 @@ public void handlePacket(Packet packet) {
ClusterConnectMessage msg = (ClusterConnectMessage) packet;
- if (server.getConfiguration().isSecurityEnabled() &&
!clusterConnection.verify(msg.getClusterUser(), msg.getClusterPassword())) {
- clusterChannel.send(new ClusterConnectReplyMessage(false));
- } else {
+ boolean userIsValid = false;
+ try {
+ server.validateUser(msg.getClusterUser(),
msg.getClusterPassword(), null, null);
+ userIsValid = true;
+ } catch (Exception e) {
+ // cluster user isn't valid
Review Comment:
The `ClusterController` now uses
`org.apache.activemq.artemis.core.server.impl.ActiveMQServerImpl#validateUser`
just like all other authentication attempts. This method already logs
authentication failures via
`org.apache.activemq.artemis.core.server.ActiveMQServerLogger#securityProblemWhileAuthenticating`.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
