Uploaded image for project: 'A-MQ Broker'
  1. A-MQ Broker
  2. ENTMQBR-2144

AMQ 7.2 on OpenShift - Login with wrong credentials enabled

    Details

    • Type: Bug
    • Status: New
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: AMQ 7.2.1.GA
    • Fix Version/s: None
    • Component/s: console
    • Labels:
      None
    • Target Release:
    • Steps to Reproduce:
      Hide

      Create AMQ broker like this:

      oc new-project amq
      oc new-app --template=amq-broker-72-basic \
      -e AMQ_PROTOCOL=openwire \
      -e AMQ_USER=admin \
      -e AMQ_PASSWORD=admin \
      -e AMQ_ROLE=admin

      Login to console with test/test

      Looking at /home/jboss/broker/etc/login.config the GuestLoginModule should be removed as it grants admin rights:

      activemq

      { org.apache.activemq.artemis.spi.core.security.jaas.PropertiesLoginModule sufficient debug=false reload=true org.apache.activemq.jaas.properties.user="artemis-users.properties" org.apache.activemq.jaas.properties.role="artemis-roles.properties"; org.apache.activemq.artemis.spi.core.security.jaas.GuestLoginModule sufficient debug=false org.apache.activemq.jaas.guest.user="admin" org.apache.activemq.jaas.guest.role="admin"; }

      ;

      Show
      Create AMQ broker like this: oc new-project amq oc new-app --template=amq-broker-72-basic \ -e AMQ_PROTOCOL=openwire \ -e AMQ_USER=admin \ -e AMQ_PASSWORD=admin \ -e AMQ_ROLE=admin Login to console with test/test Looking at /home/jboss/broker/etc/login.config the GuestLoginModule should be removed as it grants admin rights: activemq { org.apache.activemq.artemis.spi.core.security.jaas.PropertiesLoginModule sufficient debug=false reload=true org.apache.activemq.jaas.properties.user="artemis-users.properties" org.apache.activemq.jaas.properties.role="artemis-roles.properties"; org.apache.activemq.artemis.spi.core.security.jaas.GuestLoginModule sufficient debug=false org.apache.activemq.jaas.guest.user="admin" org.apache.activemq.jaas.guest.role="admin"; } ;

      Description

      When creating a AMQ 7.2 broker instance on OpenShift it is possible to logon to the management console with wrong credentials.

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                ataylor Andy Taylor
                Reporter:
                jcordes Jochen Cordes
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated: