[jira] [Created] (ARTEMIS-2344) [AMQP] Broker does not send security errors for unauthorized anonymous sasl

Domenico Bruscino (JIRA) Thu, 16 May 2019 22:33:20 -0700

Domenico Bruscino created ARTEMIS-2344:
------------------------------------------


             Summary: [AMQP] Broker does not send security errors for 
unauthorized anonymous sasl
                 Key: ARTEMIS-2344
                 URL: https://issues.apache.org/jira/browse/ARTEMIS-2344
             Project: ActiveMQ Artemis
          Issue Type: Bug
          Components: AMQP
    Affects Versions: 2.9.0
            Reporter: Domenico Bruscino


When user attempts unauthorized anonymous sasl, using AMQP protocol, the broker 
can return an internal error ("amqp:internal-error") instead of the security 
error ("amqp:unauthorized-access") that is expected in these cases.

 

Source code to reproduce the issue using test 
testNoUserOrPasswordWithoutSaslRestrictions:

https://github.com/brusdev/activemq-artemis/blob/amqp_security_error/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/amqp/JMSConnectionWithSecurityTest.java



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Created] (ARTEMIS-2344) [AMQP] Broker does not send security errors for unauthorized anonymous sasl

Reply via email to