[ https://issues.apache.org/jira/browse/ARTEMIS-4969?focusedWorklogId=928576&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-928576 ]
ASF GitHub Bot logged work on ARTEMIS-4969: ------------------------------------------- Author: ASF GitHub Bot Created on: 02/Aug/24 20:25 Start Date: 02/Aug/24 20:25 Worklog Time Spent: 10m Work Description: tabish121 opened a new pull request, #5125: URL: https://github.com/apache/activemq-artemis/pull/5125 When using targeted FQQN permissions the AMQP sender needs to check that it can access not only the address but also the queue if sent an FQQN so that the security can validate if the sender has been granted directed access to the FQQN as a whole. Issue Time Tracking ------------------- Worklog Id: (was: 928576) Remaining Estimate: 0h Time Spent: 10m > FQQN Security settings not honored when an AMQP Sender attaches > --------------------------------------------------------------- > > Key: ARTEMIS-4969 > URL: https://issues.apache.org/jira/browse/ARTEMIS-4969 > Project: ActiveMQ Artemis > Issue Type: Bug > Components: AMQP > Affects Versions: 2.36.0 > Reporter: Timothy A. Bish > Assignee: Timothy A. Bish > Priority: Major > Fix For: 2.37.0 > > Time Spent: 10m > Remaining Estimate: 0h > > When an AMQP sender link is attaching with an FQQN in the target address the > initialization code is not checking fully if the sender has specifically > granted FQQN access and can fail the attach in error. Instead of just > checking the FQQN address portion of the target addres both the FQQN address > and queue should be checked with the security store so that the link attach > can complete when authorized. This was addressed for Core clients in > ARTEMIS-4580 -- This message was sent by Atlassian Jira (v8.20.10#820010) --------------------------------------------------------------------- To unsubscribe, e-mail: issues-unsubscr...@activemq.apache.org For additional commands, e-mail: issues-h...@activemq.apache.org For further information, visit: https://activemq.apache.org/contact