[
https://issues.apache.org/jira/browse/ARTEMIS-617?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17835899#comment-17835899
]
Justin Bertram commented on ARTEMIS-617:
----------------------------------------
[~jmesnil], are you still interested in this change?
> Improve Container-managed security in resource adapter
> ------------------------------------------------------
>
> Key: ARTEMIS-617
> URL: https://issues.apache.org/jira/browse/ARTEMIS-617
> Project: ActiveMQ Artemis
> Issue Type: Bug
> Affects Versions: 1.1.0, 1.2.0
> Reporter: Jeff Mesnil
> Priority: Major
>
> Artemis RA has been coded to support container-managed security.
> If there is a security domain specified for its resource adapter, Artemis
> ManagedConnection will use the security's Subject for its
> authentication on the broker side.
> However there is one use case that is not working as I expect.
> When the user specifies credentials when calling the RA's
> ConnectionFactory methods, Artemis discards them if there is a subject
> from the SecurityDomain.
> The correct behaviour should be the opposite: (more specific) credential
> parameters from the ConnectionRequestInfo should have precedence over the
> (more general) Subject's from the security domain.
> The new code path would be:
> * If there are credentials from the ConnectionRequestInfo, use them
> * else if there is a Subject, use it
> * else raise an exception.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
