Uploaded image for project: 'AMQ Broker'
  1. AMQ Broker
  2. ENTMQBR-8456

The fix of ENTMQBR-7118 does not work with Microsoft Active Directory specifically

    XMLWordPrintable

Details

    • Bug
    • Resolution: Not a Bug
    • Critical
    • None
    • AMQ 7.11.0.GA
    • broker-core
    • None
    • False
    • None
    • False
    • Critical

    Description

      The JIRA ENTMQBR-7118 has been fixed with patch 3226 and on AMQ 7.11.0 and onwards. However, the fix works with Apache DS and Oracle Directory Server, but it does not work with Microsoft Active Directory specifically.

      When running the tests mentioned in the JIRA ENTMQBR-7118, the following error was thrown:

      2023-06-01 15:59:57,917 [AUDIT](Thread-39878 (ActiveMQ-server-org.apache.activemq.artemis.core.server.impl.ActiveMQServerImpl$6@6134ac4a)) AMQ601264: User user6(team6)@127.0.0.1:52344 gets security check failure: ActiveMQSecurityException[errorType=SECURITY_EXCEPTION message=AMQ229032: User: user6 does not have permission='CREATE_ADDRESS' on address project6.test]

      Although the team6 has been configured to have "admin", "read" and "write" permission on the destination "project6.$".

      Attachments

        Issue Links

          is related to

          Bug - A problem that impairs or prevents the functions of the product. ENTMQBR-7118 LegacyLDAPSecuritySettingPlugin allows new user to access new destinations if a default wildcard address '$' exists in LDAP

          • Critical - To be worked on immediately following BLOCKER issues.
          • Verified
          relates to

          Bug - A problem that impairs or prevents the functions of the product. ENTMQBR-8297 Caching Issue with Pooling Enabled for LDAP

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Verified

          Bug - A problem that impairs or prevents the functions of the product. ENTMQBR-5429 LegacyLDAPSecuritySettingPlugin listener throws AMQ224086 with Active Directory

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed

          Activity

            People

              rhn-support-jbertram Justin Bertram
              rhn-support-qluo Joe Luo
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: