qpid-dev mailing list archives

From "ASF subversion and git services (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (QPID-7928) [Java Broker] [ACL] Authorisation decisions about the access control provider itself consider its own local rules rather than those of the wider system
Date Wed, 27 Sep 2017 13:13:00 GMT

    [ https://issues.apache.org/jira/browse/QPID-7928?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16182534#comment-16182534 ]

ASF subversion and git services commented on QPID-7928:
-------------------------------------------------------

Commit 33c5e6a55db994c1c6da80ed87af20cc7abce81f in qpid-broker-j's branch refs/heads/master
from [~k-wall]
[ https://git-wip-us.apache.org/repos/asf?p=qpid-broker-j.git;h=33c5e6a ]

QPID-7928: [Broker] [ACL] Disentangle uses of #getAccessControl so that authorisation decisions
about the AccessControlProvider itself are governed by the ACL system as a whole.


> [Java Broker] [ACL] Authorisation decisions about the access control provider itself consider its own local rules rather than those of the wider system
> -------------------------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: QPID-7928
>                 URL: https://issues.apache.org/jira/browse/QPID-7928
>             Project: Qpid
>          Issue Type: Bug
>          Components: Java Broker
>    Affects Versions: qpid-java-6.1
>            Reporter: Keith Wall
>            Priority: Minor
>             Fix For: qpid-java-broker-7.0.0
>
>
> When making an authorisation decision about an AccessControlProvider object, currently the implementation considers only the rules provided by the provider itself, rather than delegating the decision to the hierarchical mechanism. This can mean that an authorisation decision that ought to be allowed is denied.
> For example, consider a Broker configured with the following {{RuleBased}} AccessControlProviders:
> 1) Broker rule-set {{ACL ALLOW admin ALL ALL}}
> 2) VirtualHost specific rule-set for user {{ACL ALLOW messaging_user...}}
> As {{admin}}, if I try to update the VirtualHost's {{AccessControlProvider}}, the defect means that the decision is denied even though the rule at the Broker ought to allow it.
> The defect is that {{AbstractConfiguredObject#getAccessControl}} has two, conflicting, roles.
> # The method is used by the {{AbstractConfiguredObject#authorise()}} method to get the in-force AccessControl object that should be used to make an access decision for this configured object.
> # In Broker and VirtualHost, the method #updateAccessControl relies on the method to retrieve an {{AccessControl}} object from the AccessControlProvider. To allow for this, AccessControlProvider overrides #getAccessControl to return the local rules.
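The two roles of #getAccessControl described in the issue, modelled as an added example (this is not qpid-broker-j code): a Broker rule set allowing admin everything, a VirtualHost rule set allowing only messaging_user, and a provider object under the VirtualHost that admin tries to update. The class names, the "ALLOW <user> <op>" rule syntax and the CONSUME/UPDATE operations are constructed assumptions; the defect is the override of the hierarchical method, the fix is a separate local-rules accessor.

```java
import java.util.*;
// Constructed model of the two roles of #getAccessControl; all names are hypothetical, not qpid-broker-j code.
enum Result { ALLOWED, DENIED, DEFER }
interface AccessControl { Result authorise(String user, String op); }
// One RuleBased provider's local rules, built from constructed "ALLOW <user> <op>" lines.
class RuleSet implements AccessControl {
    private final Map<String, Set<String>> allow = new HashMap<>();
    RuleSet(String... rules) { for (String r : rules) { String[] p = r.split(" "); allow.computeIfAbsent(p[1], k -> new HashSet<>()).add(p[2]); } }
    public Result authorise(String user, String op) {
        Set<String> ops = allow.getOrDefault(user, Collections.emptySet());
        return ops.contains("ALL") || ops.contains(op) ? Result.ALLOWED : Result.DEFER;
    }
}
class ConfiguredObject {
    final ConfiguredObject parent; RuleSet provider;   // AccessControlProvider attached at this level, if any
    ConfiguredObject(ConfiguredObject parent) { this.parent = parent; }
    // Role 1: the in-force control for this object, i.e. the hierarchy consulted upwards.
    AccessControl getAccessControl() {
        return (user, op) -> {
            for (ConfiguredObject o = this; o != null; o = o.parent) {
                Result r = o.provider == null ? Result.DEFER : o.provider.authorise(user, op); if (r != Result.DEFER) return r;
            }
            return Result.DEFER;
        };
    }
    boolean authorise(String user, String op) {   // anything not ALLOWED is denied
        return getAccessControl().authorise(user, op) == Result.ALLOWED;
    }
}
// Role 2: updateAccessControl needs the provider's own rules; the fix serves that from a separate method.
class Provider extends ConfiguredObject {
    final RuleSet local;
    Provider(ConfiguredObject parent, RuleSet local) { super(parent); this.local = local; }
    AccessControl getLocalAccessControl() { return local; }
}
// The defect: Role 2 served through the override that authorise() relies on, so the provider sees only its local rules.
class BuggyProvider extends Provider {
    BuggyProvider(ConfiguredObject parent, RuleSet local) { super(parent, local); }
    @Override AccessControl getAccessControl() { return local; }
}
public class Qpid7928Demo {
    public static void main(String[] args) {
        ConfiguredObject broker = new ConfiguredObject(null), vhost = new ConfiguredObject(broker);
        broker.provider = new RuleSet("ALLOW admin ALL");             // 1) Broker rule-set
        vhost.provider = new RuleSet("ALLOW messaging_user CONSUME");  // 2) VirtualHost rule-set (operation constructed)
        System.out.println("buggy: " + new BuggyProvider(vhost, vhost.provider).authorise("admin", "UPDATE"));
        System.out.println("fixed: " + new Provider(vhost, vhost.provider).authorise("admin", "UPDATE"));
    }
}
```

With the override in place the walk never leaves the provider's own rule set, so admin's update is refused; without it the decision climbs to the Broker rule set, which is the behaviour the fix restores.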




