Effective October 27, 2012, online and email support for FuseSource products will move to Red Hat support channels. For more information, please see the JIRA Migration to Red Hat FAQ.
As of October 27th, please open all new issues in the Red Hat Customer Portal .
Issue Details (XML | Word | Printable)

Key: MB-871
Type: Bug Bug
Status: Open Open
Priority: Major Major
Assignee: Unassigned
Reporter: Susan Javurek
Votes: 0
Watchers: 1
Operations

If you were logged in you would be able to see more operations.
FUSE Message Broker

Un-Authorized queue error from an Ldap server is not propogated back to the consumer

Created: 27/Apr/11 12:44 PM   Updated: 28/Apr/11 12:48 PM
Component/s: broker
Affects Version/s: 5.4.2-fuse-02-00
Fix Version/s: None


 Description  « Hide
Hi,

As I was testing MB-851, I ran across a scneario where my queue was not defined in Open LDAP. I received an error in my log:

WARN | Failed to add Connection ID:Susan-Javureks-MacBook-Pro-2.local-53766-1303906709971-0:1, reason: java.lang.SecurityException: User name or password is invalid.
ERROR | javax.naming.NameNotFoundException: [LDAP: error code 32 - NO_SUCH_OBJECT: failed for     SearchRequest
        baseDn : 'cn=TEST.FOO,ou=Queue,ou=Destination,ou=ActiveMQ,ou=dmn,dc=dex'
        filter : '(2.5.4.3=write)'
        scope : whole subtree
        typesOnly : false
        Size Limit : no limit
        Time Limit : no limit
        Deref Aliases : deref Always
        attributes : 'member'
: ERR_259 Attempt to search under non-existant entry:  cn=TEST.FOO,ou=Queue,ou=Destination,ou=ActiveMQ,ou=dmn,dc=dex]; remaining name 'cn=TEST.FOO,ou=Queue,ou=Destination,ou=ActiveMQ,ou=dmn,dc=dex'
 WARN | Async error occurred: java.lang.SecurityException: User jdoe is not authorized to write to: queue://TEST.FOO
java.lang.SecurityException: User jdoe is not authorized to write to: queue://TEST.FOO
	at org.apache.activemq.security.AuthorizationBroker.addProducer(AuthorizationBroker.java:163)
	at org.apache.activemq.broker.MutableBrokerFilter.addProducer(MutableBrokerFilter.java:99)
	at org.apache.activemq.broker.TransportConnection.processAddProducer(TransportConnection.java:510)
	at org.apache.activemq.command.ProducerInfo.visit(ProducerInfo.java:105)
	at org.apache.activemq.broker.TransportConnection.service(TransportConnection.java:310)
	at org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:184)
	at org.apache.activemq.transport.TransportFilter.onCommand(TransportFilter.java:69)
	at org.apache.activemq.transport.WireFormatNegotiator.onCommand(WireFormatNegotiator.java:113)
	at org.apache.activemq.transport.InactivityMonitor.onCommand(InactivityMonitor.java:227)
	at org.apache.activemq.transport.TransportSupport.doConsume(TransportSupport.java:83)
	at org.apache.activemq.transport.tcp.TcpTransport.doRun(TcpTransport.java:222)
	at org.apache.activemq.transport.tcp.TcpTransport.run(TcpTransport.java:204)
	at java.lang.Thread.run(Thread.java:680)

That's fine and helpful! Unfortunately, my consumer looks like it worked:

Producer Tool snippet ...
     [java]     producers {
     [java]       producer queue://TEST.FOO {
     [java]         messageCount{ count: 0 unit: count startTime: 1303906833869 lastSampleTime: 1303906833869 description: Number of messages processed }
     [java]         messageRateTime{ count: 0 maxTime: 0 minTime: 0 totalTime: 0 averageTime: 0.0 averageTimeExMinMax: 0.0 averagePerSecond: 0.0 averagePerSecondExMinMax: 0.0 unit: millis startTime: 1303906833869 lastSampleTime: 1303906833869 description: Time taken to process a message (thoughtput rate) }
     [java]         pendingMessageCount{ count: 0 unit: count startTime: 1303906833869 lastSampleTime: 1303906833869 description: Number of pending messages }
     [java]         messageRateTime{ count: 0 maxTime: 0 minTime: 0 totalTime: 0 averageTime: 0.0 averageTimeExMinMax: 0.0 averagePerSecond: 0.0 averagePerSecondExMinMax: 0.0 unit: millis startTime: 1303906833869 lastSampleTime: 1303906833869 description: Time taken to process a message (thoughtput rate) }
     [java]         expiredMessageCount{ count: 0 unit: count startTime: 1303906833869 lastSampleTime: 1303906833869 description: Number of expired messages }
     [java]         messageWaitTime{ count: 0 maxTime: 0 minTime: 0 totalTime: 0 averageTime: 0.0 averageTimeExMinMax: 0.0 averagePerSecond: 0.0 averagePerSecondExMinMax: 0.0 unit: millis startTime: 1303906833869 lastSampleTime: 1303906833869 description: Time spent by a message before being delivered }
     [java]       }
     [java]     }
     [java]     consumers {
     [java]     }
     [java]   }
     [java] }
     [java] All threads completed their work

BUILD SUCCESSFUL

I think an error needs to be returned here.

Test Case:

Same test case as MB-851.
Rename the TEST.FOO entry to TEST.FOO2 or delete it.

 All   Comments   Change History      Sort Order: Ascending order - Click to sort in descending order
[ Permlink | « Hide ]
Susan Javurek added a comment - 28/Apr/11 12:48 PM
Hi, I also noticed this happens with org.apache.activemq.jaas.PropertiesLoginModule too. A bit easier to set up.


Powered by Atlassian JIRA the Professional Issue Tracker. (Enterprise Edition, Version: 3.13.2-#335) - Bug/feature request - Atlassian news - Contact Administrators