[
https://issues.apache.org/jira/browse/QPID-943?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Rajith Attapattu updated QPID-943:
----------------------------------
Assignee: Rajith Attapattu (was: Martin Ritchie)
After discussing with Rob, Aidan and Gordon I have made the following changes
to the Java, C++ broker and JMS Clients.
I have used the "user_id" header (available in both 0-8/0-9 and 0-10 spec) to
validate messages as well as to pass the JMSXUserID property.
C++ Broker
--------------------------
If auth == yes and msg-auth == yes, then the user_id specified in the message
properties will be verified against the user_id used in connection
authentication.
The default value for msg-auth is false and can be configured using the
--msg-auth param.
Java Broker
-------------------------
Removed the hack in org.apache.qpid.server.AMQChannel to add the JMXUserID,
instead is using the following strategy.
if security.msg-auth == true then the user_id in the message header will be
compared against the user_id used in connection authentication.
The msg-auth can be configured in config.xml and the default value is false.
JMS Client (0-8/0-9 and 0-10)
-------------------------------------------
Both versions of MessageProducers will insert the user_id used for connection
authentication in to the correct user_id header.
On the receiving side, both versions of MessageConsumers will read the user_id
header and add that as the value for JMSXUserID in the properties.
> Move JMSXUserID creation to client to improve broker performance
> ----------------------------------------------------------------
>
> Key: QPID-943
> URL: https://issues.apache.org/jira/browse/QPID-943
> Project: Qpid
> Issue Type: Improvement
> Components: Java Broker, Java Client
> Affects Versions: M2.1
> Reporter: Marnie McCormack
> Assignee: Rajith Attapattu
> Fix For: M4
>
>
> Summary:
> Currently the broker modifies the message to add the JMSXUserID. A better
> approach would be to have the client encode that detail and have the broker
> verify that it is correct. This means that the broker does not have to
> re-encode every message. It also allows the sending client to decide if they
> wish to include the JMSXUserID for validation.
> Proposed Changes:
> Removing existing modification code replacing with validation if the
> JMSXUserID is present. If validation is required to pass then close the
> connection on failures.
> Augment to client to have the ability to manuall or automatically set the
> JMSXUserID based on the authenticated connection.
> Test Strategy:
> Test messages with manual user id creation(correct and incorrect), automatic
> user id creation.
> Test broker in validation mode and lenient mode.
> Testing should include performance metrics to quantify the inpact of the
> additional processing.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
