[ https://issues.apache.org/jira/browse/QPID-2189?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Robbie Gemmell updated QPID-2189: --------------------------------- Status: Ready To Review (was: In Progress) > only admin level users can complete connection to 2.5.0.0 or below (when > configured to use <security-enabled> / JMXMP) > ---------------------------------------------------------------------------------------------------------------------- > > Key: QPID-2189 > URL: https://issues.apache.org/jira/browse/QPID-2189 > Project: Qpid > Issue Type: Bug > Components: Java Management : JMX Console > Affects Versions: 0.6 > Reporter: Robbie Gemmell > Assignee: Robbie Gemmell > Fix For: 0.6 > > > Only admin level users can complete connection to 2.5.0.0, or older brokers > configured to use <security-enabled> / JMXMP for their management connection. > Thisis due to the new console using a fallback method to determine what 'Qpid > JMX API' version to classify the broker as supporting. In doing so, the > console queries the MbeanServerConnection for the existence of the > UserManagement MBean using an exact match for its 'type' key. Whilst other > calls to the same queryNames method will return the UserManagement MBean's > ObjectName, the broker uses the exact type of this MBean to prevent non-admin > users from actually accessing it and so when the query is an exact match is > placed in the query this raises a SecurityException and causes the connection > to fail. > The solution is to change the query to use an ObjectName pattern to match the > UserManagement MBean which will still match only the Mbean in question but > prevent the security check from denying the request. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online. --------------------------------------------------------------------- Apache Qpid - AMQP Messaging Implementation Project: http://qpid.apache.org Use/Interact: mailto:dev-subscr...@qpid.apache.org