qpid-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "tim taylor (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (PROTON-1606) (Proton-J) Using Sasl needs to be optional for Client Role
Date Wed, 04 Oct 2017 17:58:00 GMT

    [ https://issues.apache.org/jira/browse/PROTON-1606?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16191713#comment-16191713
] 

tim taylor commented on PROTON-1606:
------------------------------------

In my scenario, there is no username/password to use. I am trying to use x509 authentication
over TLS. The service probably should offer EXTERNAL as a mechanism to defer to TLS for auth,
but it doesn't, so I have to work with that.

The server only expects Sasl communication if I am using username/password. In my scenario
right now, I am not, so it is not expecting any Sasl communication.

> (Proton-J) Using Sasl needs to be optional for Client Role
> ----------------------------------------------------------
>
>                 Key: PROTON-1606
>                 URL: https://issues.apache.org/jira/browse/PROTON-1606
>             Project: Qpid Proton
>          Issue Type: Improvement
>          Components: proton-j
>    Affects Versions: proton-j-0.22.0
>         Environment: N/A
>            Reporter: tim taylor
>   Original Estimate: 8h
>  Remaining Estimate: 8h
>
> In order for my application to use Proton-j for amqps messaging, the Sasl layer cannot
be created by the global handler (IOHandler) at CONNECTION_LOCAL_OPEN time. The code below
breaks our ability to use proton-j for amqps messaging as a CLIENT against our service.
> ...
> sasl = transport.sasl();
> sasl.client();
> sasl.setMechanisms("ANONYMOUS");
> ...
> I need these three lines of code to be optional in the global handler, or for a new API
that allows a transport implementation to undo creating the Sasl layer.
> Something like:
>     ....
>     Transport transport = event.getConnection().getTransport();
>     transport.disableSasl();
>     ....
> The service I am hitting against is not using Proton-j as the SERVER role.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org


Mime
View raw message