-
Bug
-
Resolution: Done
-
Major
-
None
-
AMQ 7.12.0.GA
-
2
-
False
-
None
-
False
-
-
AMQ Broker secured with
java ... -Dhawtio.role=* -Djavax.management.builder.initial=org.apache.activemq.artemis.core.server.management.ArtemisRbacMBeanServerBuilder
See
JAAS deny internal jolokia calls do not have an authenticated subject and error out with these ugly logs:
AMQ601716: User anonymous@internal failed authentication on connection management, reason: AMQ229031: Unable to validate user from management. Username: null; SSL certificate subject DN: unavailable jolokia-agent: Error while using detector GeronimoDetector: java.lang.SecurityException: AMQ229031: Unable to validate user from management. Username: null; SSL certificate subject DN: unavailable java.lang.SecurityException: AMQ229031: Unable to validate user from management. Username: null; SSL certificate subject DN: unavailable at org.apache.activemq.artemis.core.server.management.ArtemisRbacInvocationHandler.securityCheck(ArtemisRbacInvocationHandler.java:207) ~[artemis-server-2.33.0.redhat-00010.jar:2.33.0.redhat-00010] at org.apache.activemq.artemis.core.server.management.ArtemisRbacInvocationHandler.invoke(ArtemisRbacInvocationHandler.java:71) ~[artemis-server-2.33.0.redhat-00010.jar:2.33.0.redhat-00010] at jdk.proxy2/jdk.proxy2.$Proxy29.queryNames(Unknown Source) ~[?:?] at org.jolokia.backend.executor.AbstractMBeanServerExecutor.queryNames(AbstractMBeanServerExecutor.java:113) ~[jolokia-core-1.7.1.redhat-00001.jar:?] at org.jolokia.detector.AbstractServerDetector.searchMBeans(AbstractServerDetector.java:46) ~[jolokia-core-1.7.1.redhat-00001.jar:?] at org.jolokia.detector.AbstractServerDetector.getSingleStringAttribute(AbstractServerDetector.java:124) ~[jolokia-core-1.7.1.redhat-00001.jar:?] at org.jolokia.detector.GeronimoDetector.detect(GeronimoDetector.java:32) ~[jolokia-core-1.7.1.redhat-00001.jar:?] at org.jolokia.backend.MBeanServerHandler.detectServers(MBeanServerHandler.java:291) [jolokia-core-1.7.1.redhat-00001.jar:?]
- duplicates
-
ENTMQBR-9335 When using new feature for management operations (mops), the broker shows some security exceptions, but only when starting
- Closed
- is related to
-
ENTMQBR-7188 Deploy jolokia agent secured with mtls by default for the control plane
- In Progress