qpid-proton mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Gordon Sim (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (PROTON-950) SASL PLAIN over cleartext should be supported
Date Tue, 04 Aug 2015 12:19:05 GMT

    [ https://issues.apache.org/jira/browse/PROTON-950?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14653533#comment-14653533
] 

Gordon Sim commented on PROTON-950:
-----------------------------------

I think my preferred option would also be to allow PLAIN regardless of whether SSL is in use
by default, but to clearly log a warning every time PLAIN is used over an unencrypted transport
(along with a brief message as to how to prevent this). That way people become very aware
of the problem and how to avoid it, but it doesn't cause hard to debug issues when first trying
to get an example running.

> SASL PLAIN over cleartext should be supported
> ---------------------------------------------
>
>                 Key: PROTON-950
>                 URL: https://issues.apache.org/jira/browse/PROTON-950
>             Project: Qpid Proton
>          Issue Type: Bug
>          Components: proton-c
>    Affects Versions: 0.10
>            Reporter: Ted Ross
>            Assignee: Andrew Stitcher
>            Priority: Blocker
>             Fix For: 0.10
>
>
> In the current 0.10 alpha, if SASL PLAIN is selected, it will only work if the connection
is encrypted (using SSL).  This is a surprising change of behavior from earlier versions of
Proton and it's arguable that a security policy like that should be left to the application
using the Proton library.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message