[jboss-jira] [JBoss JIRA] (WFLY-5142) JMS client which does not specify user/password during creating connection to server is not considered as "guest"
Martin Styk (JIRA)
issues at jboss.org
Tue Sep 8 10:49:00 EDT 2015
[ https://issues.jboss.org/browse/WFLY-5142?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13106402#comment-13106402 ]
Martin Styk commented on WFLY-5142:
-----------------------------------
If you want unauthenticated identity to be considered as a "guest", your standalone-full...xml should contain <module-option name="unauthenticatedIdentity" value="guest"/> in <login-module code="RealmDirect" flag="required">
{noformat}
<subsystem xmlns="urn:jboss:domain:security:1.2">
<security-domains>
<security-domain name="other" cache-type="default">
<authentication>
...
<login-module code="RealmDirect" flag="required">
...
<module-option name="unauthenticatedIdentity" value="guest"/>
...
</login-module>
...
</authentication>
</security-domain>
...
</subsystem>
{noformat}
> JMS client which does not specify user/password during creating connection to server is not considered as "guest"
> -----------------------------------------------------------------------------------------------------------------
>
> Key: WFLY-5142
> URL: https://issues.jboss.org/browse/WFLY-5142
> Project: WildFly
> Issue Type: Bug
> Components: Documentation, JMS
> Affects Versions: 10.0.0.Beta1
> Environment: Fedora 22
> openjdk 8
> Reporter: Erich Duda
> Assignee: Jeff Mesnil
> Attachments: application-roles.properties, standalone-full-ha.xml
>
>
> Although remote calls requires to create an user and use explicit user credentials, in EAP 6 there is an workaround for that, see [JBPAPP6-1529|https://issues.jboss.org/browse/JBPAPP6-1529]. However, when I test the workaround in EAP 7, the JMS client is not considered as "guest" user.
> {noformat}
> javax.jms.JMSSecurityException: AMQ119031: Unable to validate user: null
> at org.apache.activemq.artemis.core.protocol.core.impl.ChannelImpl.sendBlocking(ChannelImpl.java:410)
> at org.apache.activemq.artemis.core.protocol.core.impl.ActiveMQClientProtocolManager.createSessionContext(ActiveMQClientProtocolManager.java:335)
> at org.apache.activemq.artemis.core.protocol.core.impl.ActiveMQClientProtocolManager.createSessionContext(ActiveMQClientProtocolManager.java:262)
> at org.apache.activemq.artemis.core.client.impl.ClientSessionFactoryImpl.createSessionChannel(ClientSessionFactoryImpl.java:1540)
> at org.apache.activemq.artemis.core.client.impl.ClientSessionFactoryImpl.createSessionInternal(ClientSessionFactoryImpl.java:744)
> at org.apache.activemq.artemis.core.client.impl.ClientSessionFactoryImpl.createSession(ClientSessionFactoryImpl.java:311)
> at org.apache.activemq.artemis.jms.client.ActiveMQConnection.authorize(ActiveMQConnection.java:720)
> at org.apache.activemq.artemis.jms.client.ActiveMQConnectionFactory.createConnectionInternal(ActiveMQConnectionFactory.java:819)
> at org.apache.activemq.artemis.jms.client.ActiveMQConnectionFactory.createConnection(ActiveMQConnectionFactory.java:170)
> at org.apache.activemq.artemis.jms.client.ActiveMQConnectionFactory.createConnection(ActiveMQConnectionFactory.java:165)
> at org.jboss.qa.hornetq.test.security.SecurityClient.getConnection(SecurityClient.java:409)
> at org.jboss.qa.hornetq.test.security.SecurityClient.initializeClient(SecurityClient.java:114)
> at org.jboss.qa.hornetq.test.security.PermissionSecurityTestCase.testSecurityWithGuest(PermissionSecurityTestCase.java:123)
> {noformat}
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
More information about the jboss-jira
mailing list