From 5df59dd441c73432f66401bee87f36e339cf4d8a Mon Sep 17 00:00:00 2001
From: Rajith Muditha Attapattu <rajith@apache.org>
Date: Thu, 25 Sep 2008 18:31:49 +0000
Subject: This is a fix for the problem identified in QPID-943. If msg-auth is
 configured as true in config.xml the user_id in message properties is
 verified against the id used at authentication. If not an exception with
 error code 403 is thrown.

git-svn-id: https://svn.apache.org/repos/asf/incubator/qpid/trunk/qpid@699044 13f79535-47bb-0310-9956-ffa450edef68
---
 java/broker/etc/config.xml | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'java/broker/etc/config.xml')

diff --git a/java/broker/etc/config.xml b/java/broker/etc/config.xml
index 80ee039ee5..a36fe57c06 100644
--- a/java/broker/etc/config.xml
+++ b/java/broker/etc/config.xml
@@ -74,6 +74,9 @@
         <access>
             <class>org.apache.qpid.server.security.access.plugins.AllowAll</class>
         </access>
+        
+        <msg-auth>false</msg-auth>
+        
         <jmx>
             <access>${conf}/jmxremote.access</access>
             <principal-database>passwordfile</principal-database>
-- 
cgit v1.2.1