qpid-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Rajith Attapattu (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (QPID-3415) CRAM-MD5-HASHED not supported by 0-10 protocol (+ no suppport for custom SASL mechanisms).
Date Tue, 06 Sep 2011 18:21:10 GMT

    [ https://issues.apache.org/jira/browse/QPID-3415?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13098242#comment-13098242
] 

Rajith Attapattu commented on QPID-3415:
----------------------------------------

I would also want to test this patch with GSSAPI and EXTERNAL to ensure everything works as
expected.
We do have existing customers that rely on those two mechanisms. I'll try to get the testing
going asap.

> CRAM-MD5-HASHED not supported by 0-10 protocol (+ no suppport for custom SASL mechanisms).
> ------------------------------------------------------------------------------------------
>
>                 Key: QPID-3415
>                 URL: https://issues.apache.org/jira/browse/QPID-3415
>             Project: Qpid
>          Issue Type: Bug
>          Components: Java Client
>    Affects Versions: 0.10
>            Reporter: Keith Wall
>            Assignee: Rajith Attapattu
>             Fix For: 0.13
>
>
> If the Java broker is configured to use the Base64MD5Password password database the Java
client is unable to connect even if they use the sasl_mechs broker option in the connection
URL (sasl_mechs='CRAM-MD5-HASHED').  
> Instead the user sees:
> {code}
> org.apache.qpid.AMQException: Cannot connect to broker: Callback handler with support
for AuthorizeCallback required
> {code}
> The user can work around the problem by passing the -Dqpid.amqp.version system property
to the client, and selecting a protocol < 0-10.
> The problem is happening because on the 0-10 code path on the client, the SASL CallbackHandler
in use is hardcoded to UsernamePasswordCallbackhandler (ClientDelegate), rather than using
the facilities of CallbackHandlerRegistry (as does the 0-8 and 0-9* code paths). CRAM-MD5-HASHED
requires the use of a different Callbackhandler.
> This also inhibits the use of custom SASL methods by the client.

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project:      http://qpid.apache.org
Use/Interact: mailto:dev-subscribe@qpid.apache.org


Mime
View raw message