qpid-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Robbie Gemmell (JIRA)" <j...@apache.org>
Subject [jira] [Comment Edited] (QPIDJMS-150) Scram SHA SASL support for authentication
Date Mon, 22 Feb 2016 17:43:18 GMT

    [ https://issues.apache.org/jira/browse/QPIDJMS-150?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15157326#comment-15157326
] 

Robbie Gemmell edited comment on QPIDJMS-150 at 2/22/16 5:42 PM:
-----------------------------------------------------------------

Reopening, some of the tests failed in a new (to me) way on Travis and Appveyor:
https://travis-ci.org/apache/qpid-jms/builds/111005093
https://ci.appveyor.com/project/stumped2/qpid-jms/build/205

Worked fine locally for me on 2 JVMs, for Tim, and on the ASF Jenkins. Need to take a look
why Travis+Appveyor choked.


was (Author: gemmellr):
Reopening, some of the tests failed in a new (to me) way on Travis:
https://travis-ci.org/apache/qpid-jms/builds/111005093

Worked fine locally for me on 2 JVMs, for Tim, and on the ASF Jenkins. Need to take a look
why Travis choked.

> Scram SHA SASL support for authentication
> -----------------------------------------
>
>                 Key: QPIDJMS-150
>                 URL: https://issues.apache.org/jira/browse/QPIDJMS-150
>             Project: Qpid JMS
>          Issue Type: Improvement
>          Components: qpid-jms-client
>            Reporter: Keith Wall
>            Assignee: Robbie Gemmell
>             Fix For: 0.9.0
>
>         Attachments: 0001-QPIDJMS-150-Add-support-for-SASL-SCRAM-SHA1-256-RFC-.patch
>
>
> The SCRAM SHA-1 and 256 SASL mechanisms https://tools.ietf.org/html/rfc5802 offer better
security than older SASL implementations. In particular the authentication information stored
in the authentication database is not sufficient to impersonate the client if the database
were to be stolen.
> (The Java Broker already supports these mechanisms. The intention is to switch to recommend
SCRAM instead of CRAM-MD5 shortly.  One barrier to making this switch is the absence of support
in the client).



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org


Mime
View raw message