Hi JB
Thank you so much. Very appreciated.
Best regards
Martin
-Ursprüngliche Nachricht-
Von: Jean-Baptiste Onofré
Gesendet: Donnerstag, 11. April 2024 07:25
An: users@activemq.apache.org
Betreff: Re: Disabled authentication ActiveMQ Classic Webapps since V6.x
H Martin
For the trac
Dear ActiveMQ committers,
One question regarding 5.18.4: has this been released already?
Looking at https://activemq.apache.org/components/classic/download/ I get
confusing information:
* The Schedule & Status table shows 5.18.4 as "Last"
* Below this table I still see 5.18.3
Looking in
H Martin
For the tracking, here's the Jira ticket:
https://issues.apache.org/jira/browse/AMQ-9477
The fix has been merged. We will move forward with the 6.1.2 release
including this.
Thanks for the report.
Regards
JB
On Wed, Apr 10, 2024 at 11:32 AM Zeissig, Martin
wrote:
>
> Dear Community
>
Hi
We can consider a bug.
The reason of the change is because Jetty 11 doesn’t handle the patterns
the same way as Jetty 9.
So what we had as security constraint in Jetty 9 doesn’t work in Jetty 11.
Jetty 11 doesn’t allow wildcard matching the same way.
I will fix that by securing the root cont
Hi
Thanks for the report.
Don’t worry about Jira and such I will do it for you.
I will work on a fix and submit 6.1.2 to vote asap.
Regards
JB
Le mer. 10 avr. 2024 à 14:05, Zeissig, Martin a
écrit :
> Hi Vilius
>
> It's first time for me reporting issues to Apache and I must create
> Account
Hi Vilius
It's first time for me reporting issues to Apache and I must create Account for
Jira first. May I ask you or anyone else to create an official ticket?
I am also not sure if it should better be reported as vulnerability
(https://www.apache.org/security/#reporting-a-vulnerability). Beca
You should probably create a bug ticket first :)
--
Vilius
-Original Message-
From: Zeissig, Martin
Sent: Wednesday, April 10, 2024 2:46 PM
To: users@activemq.apache.org
Subject: AW: Disabled authentication ActiveMQ Classic Webapps since V6.x
Hi Vilius
Thanks for confirmation. Lo
Hi Vilius
Thanks for confirmation. Looking forward to see the fix in next releases ;)
Best regards
-Ursprüngliche Nachricht-
Von: Vilius Šumskas
Gesendet: Mittwoch, 10. April 2024 13:34
An: users@activemq.apache.org
Betreff: RE: Disabled authentication ActiveMQ Classic Webapps since V
Hi,
oh, I remember this. This is exactly what I did in
https://github.com/apache/activemq/commit/c67ada04c77e9379ef25ac62d5ea1fcf20cf8b8f
, and at least /admin endpoint was tested and was properly protected after
that fix. However, I see that configuration went through couple of changes
again
Dear Community
I have updated from ActiveMQ Classic 5.x to 6.1.1.
Since update to 6.1.1 the API (webapps jolokia) is unprotected and can be
accessed without basic authentication:
Example:
http://localhost:8161/api
In previous ActiveMQ Classic versions (5.x) the API was protected with
authentic
I've tested it now (setting the corresponding value on the Artemis CRD to ""),
and it works.
The resulting broker.xml contains:
Many thanks
Andrea
Da: Justin Bertram
Inviato: martedì 9 aprile 2024 20:45
A: users@activemq.apache.or
11 matches
Mail list logo