Sorry that I haven't gotten back to you - I've had a full plate the last couple of weeks. Unfortunately, I don't have the time right now to work on this, so if you want to take a look that would be great! So here's where I posted the patch of the changes I made to the broker for the first go-around: http://people.apache.org/~nmittler/patch.txt. This would be a good place to start. If you're not familiar with how subversion patches work, it's pretty simple ... just a diff file. Check out this link and search for "svn diff" http://svnbook.red-bean.com/nightly/en/svn-book.html
The connected response message is sent from from ProtocolConverter.java ( https://svn.apache.org/repos/asf/incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/transport/stomp/ProtocolConverter.java ) The ProtocolConverter is down in the stomp transport. When it receives a connect request, it repackages it into an ActiveMQ command and then forwards it up to the ActiveMQ broker which bubbles the request to TransportConnection.service(). This is where I had added code to handle the security exception. TransportConnector can be found here https://svn.apache.org/repos/asf/incubator/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/broker/TransportConnection.java Take a look and see if you can figure out a good solution. If you're willing, we always welcome patches! :) Thanks, Nate On 12/2/06, aditya_c <[EMAIL PROTECTED]> wrote:
Hi Nate, Just following up on Brian's [bhartsb] post below. Would you be having some time to fix the build so that the "Broker sends an ERROR msg and disconnects, instead of sending a CONNECTED message first and subsequently an ERROR in case a Client tries to connect using the wrong credentials"? We are stuck at this point with our development and would be grateful if you could help us out here. Alternatively if you are not able to find time now, could you guide me as to where would I need to make the changes in the source code, so that I could try and patch it. Hoping for a reply. Regards Aditya Choudhuri bhartsb wrote: > > Hi Nate, > > Thanks for making the changes. However, it is still not quite working > 100% as it should. Right now when a connection is created using invalid > credentials, the broker is sending back a CONNECTED msg first and then an > ERROR msg. The correct behaviour should be to send an ERROR msg and > disconnect. Not send CONNECTED first. > > THis was also discussed in another thread and the behaviour agreed on was > as I describe: > > http://www.nabble.com/Proper-behavior-for-client-authorization-failure-tf2497200.html > > Hopefully you can send another JAR soon. > > Thanks again. > > nmittler wrote: >> >> BTW, can you guys point me to the JIRA issue that has been created for >> this? >> >> Thanks, >> Nate >> >> On 11/11/06, Nathan Mittler <[EMAIL PROTECTED]> wrote: >>> >>> Ok guys, >>> I've got a build that I'd like you to try: >>> >>> http://people.apache.org/~nmittler/< http://people.apache.org/%7Enmittler/> apache-activemq-4.2-incubator-SNAPSHOT.tar.gz >>> >>> < http://people.apache.org/%7Enmittler/apache-activemq-4.2-incubator-SNAPSHOT.tar.gz >. >>> >>> >>> Let me know how it goes. >>> >>> Regards, >>> Nate >>> >>> On 11/10/06, bhartsb <[EMAIL PROTECTED]> wrote: >>> > >>> > >>> > >>> > Yes either Avinash or Aditya has previously opened a JIRA issue. I >>> > don't >>> > know if anyone has claimed it however, nor an ETA. >>> > >>> > Thanks. >>> > >>> > >>> > nmittler wrote: >>> > > >>> > > As far as I can tell, the activemq-cpp client should handle this >>> > properly >>> > > ( >>> > > i.e. throw an exception on receipt of a stomp error frame). >>> > > >>> > > It sounds like this problem has been brought up before - has a JIRA >>> > issue >>> > > been created? If not, please create one, and I'll take a crack at >>> it. >>> > >>> > > >>> > > Thanks, >>> > > Nate >>> > > >>> > > On 11/10/06, bhartsb <[EMAIL PROTECTED]> wrote: >>> > >> >>> > >> >>> > >> Hi I'll chime in here as this work discussed is being done for me. >>> > >> >>> > >> First, you are correct that the CONNECTED msg is coming from the >>> > >> broker...I >>> > >> think that was just a typing error by my developer. >>> > >> >>> > >> As for the issue, the C++ call createConnection() creates a low >>> level >>> > >>> > >> connection(assume), and passes credentials. Then the broker should >>> > send a >>> > >> STOMP ERROR msg back (if credentials are wrong) and disconnect. It >>> > seems >>> > >> this has already been discussed with regard to the RUBY client: >>> > >> >>> > >> >>> > >> >>> > >>> http://www.nabble.com/Proper-behavior-for-client-authorization-failure-tf2497200.html >>> > >> >>> > >> If the C++ app. upon receiving ERROR then wants to create an >>> > exception, I >>> > >> suppose it could. >>> > >> >>> > >> Any ETA for this fix? >>> > >> >>> > >> Thanks. >>> > >> >>> > >> Hiram Chirino wrote: >>> > >> > >>> > >> > I'm thinking an ERROR should be sent back if an invalid CONNECT >>> is >>> > >> > given and then the connection should just get terminated. >>> > >> > >>> > >> > On 11/8/06, Timothy Bish <[EMAIL PROTECTED]> wrote: >>> > >> >> >>> > >> >> > >>> > >> >> > Thanks for your reply. >>> > >> >> > >>> > >> >> > We are not getting any errors when we are trying to >>> send/receive >>> > >> >> message. >>> > >> >> > >>> > >> >> > What we require here is that, when we are sending wrong >>> > credentials >>> > >> to >>> > >> >> the >>> > >> >> > AMQ Broker, the C++ ActiveMQ client should be able to get the >>> > >> >> > Authentication >>> > >> >> > failed error code. >>> > >> >> >>> > >> >> Right we get that, we just wanted to know how much functionality >>> > the >>> > >> >> stomp >>> > >> >> client had when connected with bad credentials. Sounds like >>> none >>> > is >>> > >> what >>> > >> >> you're seeing. >>> > >> >> >>> > >> >> > >>> > >> >> > The 'CONNECTED' message is not being sent by AMQ Broker at >>> all, >>> > as >>> > >> the >>> > >> >> > plug-in is installed in the Broker. >>> > >> >> > >>> > >> >> > This 'CONNECTED' message we are receiving in the >>> > >> SocketInputStream.cpp >>> > >> >> > class >>> > >> >> > present under C++ ActiveMQ client. >>> > >> >> >>> > >> >> The connected message would have to be coming from the Broker as >>> > the >>> > >> CPP >>> > >> >> client wouldn't spuriously create one for you. We are looking >>> > into >>> > >> what >>> > >> >> the >>> > >> >> correct behavior should be given the limitations of the stomp >>> > >> protocol. >>> > >> >> >>> > >> >> We'll keep you posted on the fix. >>> > >> >> >>> > >> >> Regards >>> > >> >> Tim >>> > >> >> >>> > >> >> >>> > >> >> >>> > >> >> >>> > >> > >>> > >> > >>> > >> > -- >>> > >> > Regards, >>> > >> > Hiram >>> > >> > >>> > >> > Blog: http://hiramchirino.com >>> > >> > >>> > >> > >>> > >> >>> > >> -- >>> > >> View this message in context: >>> > >> >>> http://www.nabble.com/Problem-with-STOMP-C%2B%2B-Client-connecting-with-a-AMQ-Broker-having-Authorization-and-Authentication-Plugins-installed-tf2582789.html#a7274843 >>> > >>> > >> Sent from the ActiveMQ - User mailing list archive at Nabble.com. >>> > >> >>> > >> >>> > > >>> > > >>> > >>> > -- >>> > View this message in context: >>> > >>> http://www.nabble.com/Problem-with-STOMP-C%2B%2B-Client-connecting-with-a-AMQ-Broker-having-Authorization-and-Authentication-Plugins-installed-tf2582789.html#a7284666 >>> > Sent from the ActiveMQ - User mailing list archive at Nabble.com. >>> > >>> > >>> >> >> > > -- View this message in context: http://www.nabble.com/Problem-with-STOMP-C%2B%2B-Client-connecting-with-a-AMQ-Broker-having-Authorization-and-Authentication-Plugins-installed-tf2582789.html#a7652115 Sent from the ActiveMQ - User mailing list archive at Nabble.com.
