qpid-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Irina Boverman (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (QPID-5815) Broker reports EXTERNAL mech. not supported if CN is empty
Date Fri, 13 Jun 2014 18:27:02 GMT

     [ https://issues.apache.org/jira/browse/QPID-5815?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel

Irina Boverman updated QPID-5815:

    Attachment: SSL.patch

Added example of EXTERNAL client authentication and removed perftest references in qpid/cpp/SSL

> Broker reports EXTERNAL mech. not supported if CN is empty
> ----------------------------------------------------------
>                 Key: QPID-5815
>                 URL: https://issues.apache.org/jira/browse/QPID-5815
>             Project: Qpid
>          Issue Type: Improvement
>          Components: C++ Broker
>    Affects Versions: 0.26
>         Environment: Linux/RHEL 6.
>            Reporter: Irina Boverman
>            Priority: Trivial
>             Fix For: Future
>         Attachments: SSL.patch, patch.txt
> If EXTERNAL sasl mechanism is used for client authentication, the broker will extract
the CN from the client's ssl certificate and use it as an 'authId' for sasl authentication.
In a case when the client certificate is malformed (for example, a subject of the form "C=FR,O=SUNGARD,OU="CLEARVISION
CN=GLKXV_GLKXVALBBDBGEN1""), the broker reports that it does not support EXTERNAL mechanism
(this is a valid behaviour). However it would be helpful to see a message explaining why EXTERNAL
mechanism is not available.

This message was sent by Atlassian JIRA

To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org

View raw message