Uploaded image for project: 'AMQ Broker'
  1. AMQ Broker
  2. ENTMQBR-2144

AMQ 7.2 on OpenShift - Login with wrong credentials enabled

    XMLWordPrintable

Details

    • Bug
    • Resolution: Not a Bug
    • Major
    • None
    • AMQ 7.2.1.GA
    • console
    • None
    • Hide

      Create AMQ broker like this:

      oc new-project amq
      oc new-app --template=amq-broker-72-basic \
      -e AMQ_PROTOCOL=openwire \
      -e AMQ_USER=admin \
      -e AMQ_PASSWORD=admin \
      -e AMQ_ROLE=admin

      Login to console with test/test

      Looking at /home/jboss/broker/etc/login.config the GuestLoginModule should be removed as it grants admin rights:

      activemq {
      org.apache.activemq.artemis.spi.core.security.jaas.PropertiesLoginModule sufficient
      debug=false
      reload=true
      org.apache.activemq.jaas.properties.user="artemis-users.properties"
      org.apache.activemq.jaas.properties.role="artemis-roles.properties";

      org.apache.activemq.artemis.spi.core.security.jaas.GuestLoginModule sufficient
      debug=false
      org.apache.activemq.jaas.guest.user="admin"
      org.apache.activemq.jaas.guest.role="admin";
      };

      Show
      Create AMQ broker like this: oc new-project amq oc new-app --template=amq-broker-72-basic \ -e AMQ_PROTOCOL=openwire \ -e AMQ_USER=admin \ -e AMQ_PASSWORD=admin \ -e AMQ_ROLE=admin Login to console with test/test Looking at /home/jboss/broker/etc/login.config the GuestLoginModule should be removed as it grants admin rights: activemq { org.apache.activemq.artemis.spi.core.security.jaas.PropertiesLoginModule sufficient debug=false reload=true org.apache.activemq.jaas.properties.user="artemis-users.properties" org.apache.activemq.jaas.properties.role="artemis-roles.properties"; org.apache.activemq.artemis.spi.core.security.jaas.GuestLoginModule sufficient debug=false org.apache.activemq.jaas.guest.user="admin" org.apache.activemq.jaas.guest.role="admin"; };

    Description

      When creating a AMQ 7.2 broker instance on OpenShift it is possible to logon to the management console with wrong credentials.

      Attachments

        Activity

          People

            rh-ee-ataylor Andy Taylor
            rhn-gps-jcordes Jochen Cordes
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: