You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@qpid.apache.org by Garrett Smith <g...@rrett.us.com> on 2009/04/29 04:43:19 UTC
Authentication woes - C++ broker, Python client
I'm running into this error when I try to start a connection, which is
configured with what I believe to be a valid username and password:
connection failed (320, u'connection-forced: Authentication failed')
I'm using the default guest/guest account. Here's what I'm seeing in the
broker log (trace enabled):
info SASL: Starting authentication with mechanism: PLAIN
info SASL: Authentication failed: SASL(-13): user not found: Password
verification failed
I've verified that the guest account exists using "sasldblistusers2 -f
/var/lib/qpidd/qpidd.sasldb". The output:
guest@QPID: userPassword
I've tried this with new user accounts and different realms (specifying
--realm for qpidd as applicable). Same result.
There no indication in the trace log which SASL db is being used. The
contents of /etc/sasl2/qpidd.conf:
mech_list: plain anonymous
pwcheck_method: auxprop
auxprop_plugin: sasldb
sasldb_path: /var/lib/qpidd/qpidd.sasldb
If I comment out all of those lines, the output from qpidd (trace) is
exactly the same. So, I'm a bit confused as to how qpidd is getting its
information about SASL.
How can I explicitly tell qpidd where to find the SASL config?
Should the trace output contain details about which SASL confi it's
using? The only SASL related log output at startup is:
info SASL enabled
That's a comforting fact, but then what? :)
Thanks for any help!
Garrett
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:users-subscribe@qpid.apache.org
Re: Authentication woes - C++ broker, Python client
Posted by Ted Ross <tr...@redhat.com>.
Garrett Smith wrote:
> I'm running into this error when I try to start a connection, which is
> configured with what I believe to be a valid username and password:
>
> connection failed (320, u'connection-forced: Authentication failed')
>
> I'm using the default guest/guest account. Here's what I'm seeing in the
> broker log (trace enabled):
>
> info SASL: Starting authentication with mechanism: PLAIN
> info SASL: Authentication failed: SASL(-13): user not found: Password
> verification failed
>
> I've verified that the guest account exists using "sasldblistusers2 -f
> /var/lib/qpidd/qpidd.sasldb". The output:
>
> guest@QPID: userPassword
>
> I've tried this with new user accounts and different realms (specifying
> --realm for qpidd as applicable). Same result.
>
> There no indication in the trace log which SASL db is being used. The
> contents of /etc/sasl2/qpidd.conf:
>
> mech_list: plain anonymous
> pwcheck_method: auxprop
> auxprop_plugin: sasldb
> sasldb_path: /var/lib/qpidd/qpidd.sasldb
>
> If I comment out all of those lines, the output from qpidd (trace) is
> exactly the same. So, I'm a bit confused as to how qpidd is getting its
> information about SASL.
>
> How can I explicitly tell qpidd where to find the SASL config?
>
> Should the trace output contain details about which SASL confi it's
> using? The only SASL related log output at startup is:
>
> info SASL enabled
>
> That's a comforting fact, but then what? :)
>
> Thanks for any help!
>
> Garrett
>
> ---------------------------------------------------------------------
> Apache Qpid - AMQP Messaging Implementation
> Project: http://qpid.apache.org
> Use/Interact: mailto:users-subscribe@qpid.apache.org
>
>
Garrett,
Please check to make sure that the sasl files (/etc/sasl2/qpidd.conf and
/var/lib/qpidd/qpidd.sasldb) are readable by the user that is running
the qpidd process.
-Ted
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:users-subscribe@qpid.apache.org
Re: Authentication woes - C++ broker, Python client
Posted by Joshua Kramer <jo...@globalherald.net>.
Garrett Smith wrote:
> I'm running into this error when I try to start a connection, which is
> configured with what I believe to be a valid username and password
>
Hello Garrett,
Have you tried creating a user account in the noted sasldb? For
example, testuser1@QPID with the password testuser1 - and do not supply
a 'realm' option on the command line when starting qpidd. Then, use
that username / password in your Python script. From what you have
noted, it seems that you have covered all of your bases.
Let me know if that works.
Cheers,
-JK
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:users-subscribe@qpid.apache.org