Hi Aleksandr,

I reproduced this issue connecting a client without user and password, see
https://github.com/brusdev/activemq-artemis/commit/1b6697bda4bb19806d982cf9fe6a2a0ab6b45a3b

Could you create a new JIRA?

Thanks,
Domenico

On Thu, 19 Oct 2023 at 12:09, MILOVIDOV Aleksandr
<aleksandr.milovi...@raiffeisen.ru.invalid> wrote:

> Hi Domenico,
>
> > maybe this issue is due to the cache, see
> >
> https://github.com/apache/activemq-artemis/blob/2.31.0/artemis-server/src/main/java/org/apache/activemq/artemis/core/security/impl/SecurityStoreImpl.java#L409
> >
> > Could you try to clear the authentication cache using the operation
> > clearAuthenticationCache?
>
> It helped.
> After executing clearAuthenticationCache opertation, I have successfully
> sent a message without entering username and password.
> But when I checked later, I've got previous error.
> I have cleared authentication cache serveral times and tried to send
> messages through console. It seems that I can send message immediately
> after clearing cache, and 5-30 seconds after that operation.
>
> There are settings in broker.xml:
> authentication-cache-size: 10000
> authorization-cache-size: 10000
> security-invalidation-interval: 120000
>
> When I configured LDAP authentication several months ago, I have increased
> both caches size from default (1000), but I don't know if it is small or
> large for our environment, and how to check it's usage.
> It is a shared instance for testing in development environment, and there
> is a lot of user logon events.
> I have also increased security invalidation interval to minimize LDAP
> servers load. Maybe these settings has effect on this problem.
>
> --
> Best regards,
> Aleksandr
>
>
> -----------------------------------
>
> This message and any attachment are confidential and may be privileged or
> otherwise protected from disclosure. If you are not the intended recipient
> any use, distribution, copying or disclosure is strictly prohibited. If you
> have received this message in error, please notify the sender immediately
> either by telephone or by e-mail and delete this message and any attachment
> from your system. Correspondence via e-mail is for information purposes
> only. AO Raiffeisenbank neither makes nor accepts legally binding
> statements by e-mail unless otherwise agreed.
>
> -----------------------------------
>

Reply via email to