[ https://issues.apache.org/jira/browse/ARTEMIS-4405?focusedWorklogId=878748&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-878748 ]
ASF GitHub Bot logged work on ARTEMIS-4405:
-------------------------------------------

                Author: ASF GitHub Bot
            Created on: 29/Aug/23 03:35
            Start Date: 29/Aug/23 03:35
    Worklog Time Spent: 10m
      Work Description: jbertram opened a new pull request, #4594:
URL: https://github.com/apache/activemq-artemis/pull/4594

   (no comment)

Issue Time Tracking
-------------------

            Worklog Id:     (was: 878748)
    Remaining Estimate: 0h
            Time Spent: 10m

> Incorrect username logging in AMQ601264 events
> ----------------------------------------------
>
>                 Key: ARTEMIS-4405
>                 URL: https://issues.apache.org/jira/browse/ARTEMIS-4405
>             Project: ActiveMQ Artemis
>          Issue Type: Bug
>    Affects Versions: 2.30.0
>            Reporter: Aleksandr Milovidov
>            Priority: Minor
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> We have ActiveMQ Artemis with audit logging turned on, and sometimes the wrong
> username is logged when a user gets an authorization error (audit log event
> AMQ601264). I have reproduced this issue when a client uses STOMP to connect to
> the broker. In that case the client username is always logged as anonymous, and
> the source IP address seems to be correct.
> We have a lot of other audit log messages where different usernames are
> logged in a single log event, but I cannot attach these logs because they
> contain sensitive information. I think this problem is not specific to STOMP
> clients because most of our clients use core and openwire. I will try to
> reproduce it later.
> The problem is not specific to the current version of Artemis.
> Steps to reproduce (for STOMP client):
> 1. Create Artemis instance
> {{artemis create --user admin --password admin --require-login }}
> Edit {{artemis-roles.properties}} and {{artemis-users.properties}} to create
> some other user with a password and a non-admin role. For example, add the string
> {{alice = alice}} to both files.
> Edit log4j2.properties to enable base audit logging:
> {code:java}
> logger.audit_base = INFO, audit_log_file{code}
> To connect to the broker with STOMP I have used Python with the Stompest library
> (it has to be installed using pip install stompest).
> Example STOMP producer Python code (it does not handle authorization errors):
>
> {code:java}
> from stompest.config import StompConfig
> from stompest.protocol import StompSpec
> from stompest.sync import Stomp
>
> # Connect as the non-admin user created above
> CONFIG = StompConfig("tcp://localhost:61613", login="alice", passcode="alice", version=StompSpec.VERSION_1_0)
> QUEUE = 'test.queue'
>
> client = Stomp(CONFIG)
> client.connect()
> # Sending to a non-existent address makes the broker try to auto-create it
> client.send(QUEUE, 'Test message'.encode())
> client.disconnect()
> {code}
> Run this example code. Check broker audit.log. For example:
>
> {code:java}
> 2023-08-28 17:39:20,042 [AUDIT](Thread-1 (activemq-netty-threads)) AMQ601267: User alice(alice)@127.0.0.1:56685 is creating a core session on target resource ActiveMQServerImpl::name=0.0.0.0 with parameters: [ac22db0e-45b0-11ee-b333-005056abe8b9, alice, ****, 102400, org.apache.activemq.artemis.core.protocol.stomp.StompConnection@3313e538, true, false, false, false, null, org.apache.activemq.artemis.core.protocol.stomp.StompSession@2fc820ee, true, {}]
> 2023-08-28 17:39:20,081 [AUDIT](Thread-1 (activemq-netty-threads)) AMQ601262: User alice(alice)@127.0.0.1:56685 is creating address on target resource: ac22db0e-45b0-11ee-b333-005056abe8b9 with parameters: [Address [name=test.queue, id=0, routingTypes={MULTICAST}, autoCreated=false, paused=false, bindingRemovedTimestamp=-1, swept=false, createdTimestamp=1693233560081], true]
> 2023-08-28 17:39:20,116 [AUDIT](Thread-1 (activemq-netty-threads)) AMQ601264: User anonymous@127.0.0.1:56685 gets security check failure, reason = AMQ229032: User: alice does not have permission='CREATE_ADDRESS' on address test.queue
> org.apache.activemq.artemis.api.core.ActiveMQSecurityException: AMQ229032: User: alice does not have permission='CREATE_ADDRESS' on address test.queue
>     at org.apache.activemq.artemis.core.security.impl.SecurityStoreImpl.check(SecurityStoreImpl.java:305) [artemis-server-2.30.0.jar:2.30.0]
>     at org.apache.activemq.artemis.core.security.impl.SecurityStoreImpl.check(SecurityStoreImpl.java:227) [artemis-server-2.30.0.jar:2.30.0]
>     at org.apache.activemq.artemis.core.server.impl.ServerSessionImpl.securityCheck(ServerSessionImpl.java:503) [artemis-server-2.30.0.jar:2.30.0]
>     at org.apache.activemq.artemis.core.server.impl.ServerSessionImpl.createAddress(ServerSessionImpl.java:972) [artemis-server-2.30.0.jar:2.30.0]
>     at org.apache.activemq.artemis.core.server.impl.ServerSessionImpl.createAddress(ServerSessionImpl.java:962) [artemis-server-2.30.0.jar:2.30.0]
>     at org.apache.activemq.artemis.core.protocol.stomp.StompConnection.autoCreateDestinationIfPossible(StompConnection.java:184) [artemis-stomp-protocol-2.30.0.jar:2.30.0]
>     at org.apache.activemq.artemis.core.protocol.stomp.VersionedStompFrameHandler.onSend(VersionedStompFrameHandler.java:188) [artemis-stomp-protocol-2.30.0.jar:2.30.0]
>     at org.apache.activemq.artemis.core.protocol.stomp.VersionedStompFrameHandler.handleFrame(VersionedStompFrameHandler.java:87) [artemis-stomp-protocol-2.30.0.jar:2.30.0]
>     at org.apache.activemq.artemis.core.protocol.stomp.StompConnection.handleFrame(StompConnection.java:424) [artemis-stomp-protocol-2.30.0.jar:2.30.0]
>     at org.apache.activemq.artemis.core.protocol.stomp.StompProtocolManager.handleBuffer(StompProtocolManager.java:162) [artemis-stomp-protocol-2.30.0.jar:2.30.0]
>     at org.apache.activemq.artemis.core.protocol.stomp.StompConnection.bufferReceived(StompConnection.java:307) [artemis-stomp-protocol-2.30.0.jar:2.30.0]
>     at org.apache.activemq.artemis.core.remoting.server.impl.RemotingServiceImpl$DelegatingBufferHandler.bufferReceived(RemotingServiceImpl.java:698) [artemis-server-2.30.0.jar:2.30.0]
>     at org.apache.activemq.artemis.core.remoting.impl.netty.ActiveMQChannelHandler.channelRead(ActiveMQChannelHandler.java:73) [artemis-core-client-2.30.0.jar:2.30.0]
>     at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:442) [netty-transport-4.1.94.Final.jar:4.1.94.Final]
>     at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420) [netty-transport-4.1.94.Final.jar:4.1.94.Final]
>     at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:412) [netty-transport-4.1.94.Final.jar:4.1.94.Final]
>     at io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1410) [netty-transport-4.1.94.Final.jar:4.1.94.Final]
>     at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:440) [netty-transport-4.1.94.Final.jar:4.1.94.Final]
>     at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420) [netty-transport-4.1.94.Final.jar:4.1.94.Final]
>     at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:919) [netty-transport-4.1.94.Final.jar:4.1.94.Final]
>     at io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:166) [netty-transport-4.1.94.Final.jar:4.1.94.Final]
>     at io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:788) [netty-transport-4.1.94.Final.jar:4.1.94.Final]
>     at io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:724) [netty-transport-4.1.94.Final.jar:4.1.94.Final]
>     at io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:650) [netty-transport-4.1.94.Final.jar:4.1.94.Final]
>     at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:562) [netty-transport-4.1.94.Final.jar:4.1.94.Final]
>     at io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:997) [netty-common-4.1.94.Final.jar:4.1.94.Final]
>     at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74) [netty-common-4.1.94.Final.jar:4.1.94.Final]
>     at org.apache.activemq.artemis.utils.ActiveMQThreadFactory$1.run(ActiveMQThreadFactory.java:118) [artemis-commons-2.30.0.jar:?]{code}
>

--
This message was sent by Atlassian Jira
(v8.20.10#820010)
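
An added example, not part of the original report or of the Artemis code base: a Python check that a log consumer could run over audit.log to flag AMQ601264 events whose audit principal disagrees with the user named in the embedded AMQ229032 reason, and to recover the principal last logged for the same remote address. The function name and sample lines are constructed here, and the regexes assume the event layout shown in the report.

```python
import re

# Constructed sample: the three audit events quoted in the report, with the
# stack trace omitted and the parameter lists shortened to "[...]".
SAMPLE_LOG = """\
2023-08-28 17:39:20,042 [AUDIT](Thread-1 (activemq-netty-threads)) AMQ601267: User alice(alice)@127.0.0.1:56685 is creating a core session on target resource ActiveMQServerImpl::name=0.0.0.0 with parameters: [...]
2023-08-28 17:39:20,081 [AUDIT](Thread-1 (activemq-netty-threads)) AMQ601262: User alice(alice)@127.0.0.1:56685 is creating address on target resource: ac22db0e-45b0-11ee-b333-005056abe8b9 with parameters: [...]
2023-08-28 17:39:20,116 [AUDIT](Thread-1 (activemq-netty-threads)) AMQ601264: User anonymous@127.0.0.1:56685 gets security check failure, reason = AMQ229032: User: alice does not have permission='CREATE_ADDRESS' on address test.queue
"""

# Assumed layout: "<timestamp> [AUDIT](<thread>) <code>: User <principal>@<ip:port> <text>"
EVENT = re.compile(
    r"^(?P<ts>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d,\d{3}) \[AUDIT\]\(.*?\) "
    r"(?P<code>AMQ\d{6}): User (?P<principal>\S+)@(?P<remote>\S+:\d+) (?P<rest>.*)$"
)
REASON_USER = re.compile(
    r"reason = AMQ\d{6}: User: (?P<user>\S+) does not have permission='(?P<perm>\w+)'"
)


def find_principal_mismatches(lines):
    """Return AMQ601264 events whose audit principal differs from the user in the reason."""
    last_seen = {}  # remote ip:port -> last non-anonymous principal logged for it
    findings = []
    for line in lines:
        m = EVENT.match(line)
        if not m:
            continue  # stack-trace frames and other non-event lines
        # "alice(alice)" -> "alice"; the parenthesised suffix is ignored here
        name = m["principal"].split("(", 1)[0]
        remote = m["remote"]
        if m["code"] == "AMQ601264":
            r = REASON_USER.search(m["rest"])
            if r and r["user"] != name:
                findings.append({
                    "timestamp": m["ts"], "remote": remote,
                    "logged_principal": name, "user_in_reason": r["user"],
                    "permission": r["perm"],
                    # ip:port is reused over time, so treat this as a hint only
                    "session_principal": last_seen.get(remote),
                })
        if name != "anonymous":
            last_seen[remote] = name
    return findings


if __name__ == "__main__":
    for finding in find_principal_mismatches(SAMPLE_LOG.splitlines()):
        print(finding)
```
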