[jira] [Work logged] (ARTEMIS-4963) Reject openwire senders that lack SEND permissions on attach

Thu, 01 Aug 2024 12:10:12 -0700 


     [ 
https://issues.apache.org/jira/browse/ARTEMIS-4963?focusedWorklogId=928347&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-928347
 ]

ASF GitHub Bot logged work on ARTEMIS-4963:
-------------------------------------------

                Author: ASF GitHub Bot
            Created on: 01/Aug/24 19:08
            Start Date: 01/Aug/24 19:08
    Worklog Time Spent: 10m 
      Work Description: tabish121 opened a new pull request, #5122:
URL: https://github.com/apache/activemq-artemis/pull/5122

   Check that an attaching Openwire producer has SEND permission on the target 
destination and reject it if it does not instead of delaying checks until the 
actual send. For anonymous producers check early in the send process to reduce 
overhead in the JVM handling messages that are going to fail to send.




Issue Time Tracking
-------------------

            Worklog Id:     (was: 928347)
    Remaining Estimate: 0h
            Time Spent: 10m

> Reject openwire senders that lack SEND permissions on attach
> ------------------------------------------------------------
>
>                 Key: ARTEMIS-4963
>                 URL: https://issues.apache.org/jira/browse/ARTEMIS-4963
>             Project: ActiveMQ Artemis
>          Issue Type: Improvement
>          Components: OpenWire
>    Affects Versions: 2.36.0
>            Reporter: Timothy A. Bish
>            Assignee: Timothy A. Bish
>            Priority: Minor
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> Currently the Openwire producers are allowed to attach even when the named 
> destination(s) it requests don't offer send permissions to the logged in user 
> (the sends themselves are validated).  The sends from these named or from 
> anonymous producers are checked for permission but only after such things as 
> conversion of the message to Core has happened which leads to unnecessary GC 
> overhead and wasted CPU cycles if the send is going to ultimately be 
> rejected.  
> We should reject Openwire senders on attach (which is what the ActiveMQ 
> 'Classic' broker does) and we should check send permissions prior to 
> unnecessarily converting messages to Core to reduce overhead from anonymous 
> senders that are sending into destinations they cannot write to.  This change 
> doesn't introduce any new security but simply  would respond more quickly and 
> efficiently than the current code would.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@activemq.apache.org
For additional commands, e-mail: issues-h...@activemq.apache.org
For further information, visit: https://activemq.apache.org/contact

Reply via email to