How exactly are you looking at the sessions in Hawtio?

I think it would potentially make sense to *add* the validateUser, but I'm
not sure if replacing the existing username data would be wise as there may
be folks out there who rely on the existing behavior.


Justin

On Sat, Apr 2, 2022 at 10:15 PM Aaron Hoffer <[email protected]> wrote:

> Artemis 2.20.0
> We use Hawtio to view the state of Artemis, and to troubleshoot problems in
> the field. We recently switched to 2-way TLS for authentication. A side
> effect of the change was that the "User" field for sessions and other
> objects became an empty string when viewed in Hawtio
>
> The issue is that ServerSessionImpl uses the attribute "username" for user
> identification, via the method getUsername().However, in our case the
> correct client name is stored as the "validatedUser" in the
> ServerSessionImpl. The "validateUser" name is populated from the client's
> TLS certificate by our LoginModule.
>
> Why is "username" (which I think is the AMQP client-id, but I'm not 100%
> sure) used to identify the server session? Could "validatedUser" be used
> instead of "username"?
>
> Aaron Hoffer
> Octo Consulting
>

Reply via email to