From dev-return-59245-apmail-qpid-dev-archive=qpid.apache.org@qpid.apache.org Wed Sep 30 13:06:24 2015 Return-Path: X-Original-To: apmail-qpid-dev-archive@www.apache.org Delivered-To: apmail-qpid-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id B9B1D17E0D for ; Wed, 30 Sep 2015 13:06:24 +0000 (UTC) Received: (qmail 91497 invoked by uid 500); 30 Sep 2015 13:06:15 -0000 Delivered-To: apmail-qpid-dev-archive@qpid.apache.org Received: (qmail 91465 invoked by uid 500); 30 Sep 2015 13:06:15 -0000 Mailing-List: contact dev-help@qpid.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@qpid.apache.org Delivered-To: mailing list dev@qpid.apache.org Received: (qmail 91444 invoked by uid 99); 30 Sep 2015 13:06:14 -0000 Received: from reviews-vm.apache.org (HELO reviews.apache.org) (140.211.11.40) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 30 Sep 2015 13:06:14 +0000 Received: from reviews.apache.org (localhost [127.0.0.1]) by reviews.apache.org (Postfix) with ESMTP id 00A171D3BDB; Wed, 30 Sep 2015 13:06:11 +0000 (UTC) Content-Type: multipart/alternative; boundary="===============9211781230587789292==" MIME-Version: 1.0 Subject: Re: Review Request 38863: Add toggle to control sasl layer to proton.reactor.Container From: "Chug Rolke" To: "Ted Ross" , "Justin Ross" Cc: "Chug Rolke" , "Gordon Sim" , "qpid" Date: Wed, 30 Sep 2015 13:06:11 -0000 Message-ID: <20150930130611.23614.72660@reviews.apache.org> X-ReviewBoard-URL: https://reviews.apache.org/ Auto-Submitted: auto-generated Sender: "Chug Rolke" X-ReviewGroup: qpid X-Auto-Response-Suppress: DR, RN, OOF, AutoReply X-ReviewRequest-URL: https://reviews.apache.org/r/38863/ X-Sender: "Chug Rolke" References: <20150929215620.23614.17451@reviews.apache.org> In-Reply-To: <20150929215620.23614.17451@reviews.apache.org> Reply-To: "Chug Rolke" X-ReviewRequest-Repository: qpid-proton-git --===============9211781230587789292== MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/38863/#review101114 ----------------------------------------------------------- Ship it! This fixes the specific self-test failure in dispatch. I have not tested whether it's possible to set the reactor sasl_layer switch through all the layers between proton/reactor and dispatch/qdstat. - Chug Rolke On Sept. 29, 2015, 9:56 p.m., Gordon Sim wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/38863/ > ----------------------------------------------------------- > > (Updated Sept. 29, 2015, 9:56 p.m.) > > > Review request for qpid, Justin Ross and Ted Ross. > > > Bugs: PROTON-1008 > https://issues.apache.org/jira/browse/PROTON-1008 > > > Repository: qpid-proton-git > > > Description > ------- > > There is no direct and easy way to control whether a sasl layer is used or not that works for all cases. Prior to the 0.10 release, specifying a username was the trigger to enable sasl. However for EXTERNAL or GSSAPI that doesn't work as well. This patch proposes adding an explicit toggle to either enable or disable the use of sasl. It is enabled by default (ANONYMOUS is then a simple way of avoiding actual authentication if not needed), but can be disabled at the container- or connection- level. > > For consistency I've also allowec connection level overrding of the allowed_mechs and allow_insecure_mechs options. > > > Diffs > ----- > > proton-c/bindings/python/proton/reactor.py 8de5d89 > > Diff: https://reviews.apache.org/r/38863/diff/ > > > Testing > ------- > > > Thanks, > > Gordon Sim > > --===============9211781230587789292==--