[jira] [Work logged] (ARTEMIS-4969) FQQN Security settings not honored when an AMQP Sender attaches

Fri, 02 Aug 2024 13:26:06 -0700 


     [ 
https://issues.apache.org/jira/browse/ARTEMIS-4969?focusedWorklogId=928576&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-928576
 ]

ASF GitHub Bot logged work on ARTEMIS-4969:
-------------------------------------------

                Author: ASF GitHub Bot
            Created on: 02/Aug/24 20:25
            Start Date: 02/Aug/24 20:25
    Worklog Time Spent: 10m 
      Work Description: tabish121 opened a new pull request, #5125:
URL: https://github.com/apache/activemq-artemis/pull/5125

   When using targeted FQQN permissions the AMQP sender needs to check that it 
can access not only the address but also the queue if sent an FQQN so that the 
security can validate if the sender has been granted directed access to the 
FQQN as a whole.




Issue Time Tracking
-------------------

            Worklog Id:     (was: 928576)
    Remaining Estimate: 0h
            Time Spent: 10m

> FQQN Security settings not honored when an AMQP Sender attaches
> ---------------------------------------------------------------
>
>                 Key: ARTEMIS-4969
>                 URL: https://issues.apache.org/jira/browse/ARTEMIS-4969
>             Project: ActiveMQ Artemis
>          Issue Type: Bug
>          Components: AMQP
>    Affects Versions: 2.36.0
>            Reporter: Timothy A. Bish
>            Assignee: Timothy A. Bish
>            Priority: Major
>             Fix For: 2.37.0
>
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> When an AMQP sender link is attaching with an FQQN in the target address the 
> initialization code is not checking fully if the sender has specifically 
> granted FQQN access and can fail the attach in error.  Instead of just 
> checking the FQQN address portion of the target addres both the FQQN address 
> and queue should be checked with the security store so that the link attach 
> can complete when authorized.  This was addressed for Core clients in 
> ARTEMIS-4580



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@activemq.apache.org
For additional commands, e-mail: issues-h...@activemq.apache.org
For further information, visit: https://activemq.apache.org/contact

Reply via email to