From 18292d4d79110ab776cc094b4d0d590a29af8d80 Mon Sep 17 00:00:00 2001
From: Rajith Muditha Attapattu <rajith@apache.org>
Date: Thu, 25 Sep 2008 18:31:49 +0000
Subject: This is a fix for the problem identified in QPID-943. If msg-auth is
 configured as true in config.xml the user_id in message properties is
 verified against the id used at authentication. If not an exception with
 error code 403 is thrown.

git-svn-id: https://svn.apache.org/repos/asf/incubator/qpid/trunk@699044 13f79535-47bb-0310-9956-ffa450edef68
---
 qpid/java/broker/etc/config.xml | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'qpid/java/broker/etc')

diff --git a/qpid/java/broker/etc/config.xml b/qpid/java/broker/etc/config.xml
index 80ee039ee5..a36fe57c06 100644
--- a/qpid/java/broker/etc/config.xml
+++ b/qpid/java/broker/etc/config.xml
@@ -74,6 +74,9 @@
         <access>
             <class>org.apache.qpid.server.security.access.plugins.AllowAll</class>
         </access>
+        
+        <msg-auth>false</msg-auth>
+        
         <jmx>
             <access>${conf}/jmxremote.access</access>
             <principal-database>passwordfile</principal-database>
-- 
cgit v1.2.1