qpid-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF subversion and git services (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (QPIDJMS-65) updated SASL mechanism selection to consider available credentials
Date Thu, 04 Jun 2015 14:51:38 GMT

    [ https://issues.apache.org/jira/browse/QPIDJMS-65?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14572914#comment-14572914
] 

ASF subversion and git services commented on QPIDJMS-65:
--------------------------------------------------------

Commit 2198077f0c35950b240aa208038e2b7a9843c2ae in qpid-jms's branch refs/heads/master from
Robert Gemmell
[ https://git-wip-us.apache.org/repos/asf?p=qpid-jms.git;h=2198077 ]

QPIDJMS-67: workaround extraneous header+frames being sent, nix the transport output upon
SASL failure

Removes workaround from ab970da6b810fccf0f93c4ac7e07aab58ea8ab54 from QPIDJMS-65 as it was
only needed due to exposing this defect.


> updated SASL mechanism selection to consider available credentials
> ------------------------------------------------------------------
>
>                 Key: QPIDJMS-65
>                 URL: https://issues.apache.org/jira/browse/QPIDJMS-65
>             Project: Qpid JMS
>          Issue Type: Bug
>          Components: qpid-jms-client
>    Affects Versions: 0.2.0
>            Reporter: Jakub Scholz
>            Assignee: Robbie Gemmell
>            Priority: Minor
>             Fix For: 0.3.0
>
>         Attachments: QPIDJMS-65.patch
>
>
> The SASL mechanism selection currently only looks at whether the server and client both
support the mechanism. In cases tehre authentication credntials are required, we should also
consider whether they are actually available and use another mechanism if they are not.
> Original Text:
> When the CRAM-MD5 SASL mechanism is used and no jms.username or jms.password parameter
was specified in connection URI, a NullPointerExpception will be thrown, for example:
> {code}TRACE org.apache.qpid.jms.transports.netty.NettyTcpTransport - Attempted write
of: 8 bytes
> TRACE org.apache.qpid.jms.transports.netty.NettyTcpTransport - New data read: 68 bytes
incoming: UnpooledHeapByteBuf(ridx: 0, widx: 68, cap: 65536)
> TRACE org.apache.qpid.jms.provider.amqp.AmqpProvider - Received from Broker 68 bytes:
UnpooledHeapByteBuf(ridx: 0, widx: 68, cap: 65536)
> TRACE org.apache.qpid.jms.provider.amqp.AmqpProvider - New Proton Event: CONNECTION_INIT
> TRACE org.apache.qpid.jms.provider.amqp.AmqpProvider - New Proton Event: SESSION_INIT
> TRACE org.apache.qpid.jms.provider.amqp.AmqpProvider - New Proton Event: CONNECTION_LOCAL_OPEN
> DEBUG org.apache.qpid.jms.sasl.SaslMechanismFinder - Unknown SASL mechanism: [DIGEST-MD5]
> INFO org.apache.qpid.jms.sasl.SaslMechanismFinder - Best match for SASL auth was: SASL-CRAM-MD5
> TRACE org.apache.qpid.jms.transports.netty.NettyTcpTransport - Attempted write of: 24
bytes
> TRACE org.apache.qpid.jms.transports.netty.NettyTcpTransport - New data read: 55 bytes
incoming: UnpooledHeapByteBuf(ridx: 0, widx: 55, cap: 65536)
> TRACE org.apache.qpid.jms.provider.amqp.AmqpProvider - Received from Broker 55 bytes:
UnpooledHeapByteBuf(ridx: 0, widx: 55, cap: 65536)
> WARN org.apache.qpid.jms.provider.amqp.AmqpProvider - Caught Exception during update
processing: null
> java.lang.NullPointerException
> 	at org.apache.qpid.jms.sasl.CramMD5Mechanism.getChallengeResponse(CramMD5Mechanism.java:57)
> 	at org.apache.qpid.jms.provider.amqp.AmqpSaslAuthenticator.handleSaslStep(AmqpSaslAuthenticator.java:111)
> 	at org.apache.qpid.jms.provider.amqp.AmqpSaslAuthenticator.authenticate(AmqpSaslAuthenticator.java:63)
> 	at org.apache.qpid.jms.provider.amqp.AmqpConnection.processSaslAuthentication(AmqpConnection.java:155)
> 	at org.apache.qpid.jms.provider.amqp.AmqpProvider.processUpdates(AmqpProvider.java:777)
> 	at org.apache.qpid.jms.provider.amqp.AmqpProvider.access$1500(AmqpProvider.java:87)
> 	at org.apache.qpid.jms.provider.amqp.AmqpProvider$16.run(AmqpProvider.java:667)
> 	at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
> 	at java.util.concurrent.FutureTask.run(FutureTask.java:262)
> 	at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(ScheduledThreadPoolExecutor.java:178)
> 	at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:292)
> 	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
> 	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
> 	at java.lang.Thread.run(Thread.java:745)
> javax.jms.JMSException: java.lang.NullPointerException
> Exception occurred and was caught by onException
> 	at org.apache.qpid.jms.exceptions.JmsExceptionSupport.create(JmsExceptionSupport.java:60)
> 	at org.apache.qpid.jms.JmsConnection.onAsyncException(JmsConnection.java:1169)
> 	at org.apache.qpid.jms.JmsConnection.onConnectionFailure(JmsConnection.java:1085)
> 	at org.apache.qpid.jms.provider.amqp.AmqpProvider.fireProviderException(AmqpProvider.java:832)
> 	at org.apache.qpid.jms.provider.amqp.AmqpProvider.processUpdates(AmqpProvider.java:781)
> 	at org.apache.qpid.jms.provider.amqp.AmqpProvider.access$1500(AmqpProvider.java:87)
> 	at org.apache.qpid.jms.provider.amqp.AmqpProvider$16.run(AmqpProvider.java:667)
> 	at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
> 	at java.util.concurrent.FutureTask.run(FutureTask.java:262)
> 	at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(ScheduledThreadPoolExecutor.java:178)
> 	at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:292)
> 	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
> 	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
> 	at java.lang.Thread.run(Thread.java:745)
> Caused by: java.io.IOException: java.lang.NullPointerException
> 	at org.apache.qpid.jms.util.IOExceptionSupport.create(IOExceptionSupport.java:45)
> 	... 11 more
> Caused by: java.lang.NullPointerException
> 	at org.apache.qpid.jms.sasl.CramMD5Mechanism.getChallengeResponse(CramMD5Mechanism.java:57)
> 	at org.apache.qpid.jms.provider.amqp.AmqpSaslAuthenticator.handleSaslStep(AmqpSaslAuthenticator.java:111)
> 	at org.apache.qpid.jms.provider.amqp.AmqpSaslAuthenticator.authenticate(AmqpSaslAuthenticator.java:63)
> 	at org.apache.qpid.jms.provider.amqp.AmqpConnection.processSaslAuthentication(AmqpConnection.java:155)
> 	at org.apache.qpid.jms.provider.amqp.AmqpProvider.processUpdates(AmqpProvider.java:777)
> 	... 9 more{code}
> The PLAIN mechanism actually validates username and password and replaces it with empty
string in case they are null. However, setting the password to empty string causes another
exception in SecretKeySpec. So the password has to be set for example to space to make it
work.
> Is missing username or password (or set to empty string) actually a valid scenario? For
example I don't think it can be configured on the Qpid C++ broker.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org


Mime
View raw message