You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@qpid.apache.org by Matt Broadstone <mb...@gmail.com> on 2015/05/13 19:55:53 UTC

0.32 cpp broker sasl authentication no mechanism agreed

Hi all,

I've recently updated my development environment to run the 0.32 release of
qpidd (on ubuntu 14.04), and PLAIN sasl authentication no longer seems to
work. Trying to use "qpid-config" to simply list the exchanges now results
in a message indicating "no mechanism agreed".

I've got the following configuration:

/etc/qpid/qpidd.conf:

port=5672
daemon=yes
log-to-syslog=yes
auth=yes
realm=QPID
store-dir=/var/run/qpidd

/etc/sasl2/qpidd.conf:

pwcheck_method: auxprop
auxprop_plugin: sasldb
sasldb_path: /var/lib/qpidd/qpidd.sasldb
mech_list: PLAIN
sql_select: dummy select


# checking to see that the added user exists:

mbroadst@dev:~$ sasldblistusers2 /var/lib/qpidd/qpidd.sasldb
test@QPID: userPassword

I'm not really sure where to look for more meaningful error output. I
tried running qpidd with -t to output trace data and from what I can
see during the attempted connection PLAIN is listed for
incoming/outgoing handshake messages. Can anyone point me towards
other relevant sources of information on the system to find the error
here?

Regards,
Matt

Re: 0.32 cpp broker sasl authentication no mechanism agreed

Posted by Matt Broadstone <mb...@gmail.com>.

On Wed, May 13, 2015 at 2:21 PM, Gordon Sim <gs...@redhat.com> wrote:

> On 05/13/2015 07:04 PM, Matt Broadstone wrote:
>
>> Thanks for the quick response. I should have mentioned that I am indeed
>> specifying a username and password to qpid-config: "qpid-config -a
>> test\password@localhost" is what results in "no mechanism agreed".
>>
>
> That should be: qpid-config -a test/password@localhost
>
>
Well that sure fixed it, thanks! I could have sworn this was a backslash at
some point :)

Cheers,
Matt


>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@qpid.apache.org
> For additional commands, e-mail: users-help@qpid.apache.org
>
>

Re: 0.32 cpp broker sasl authentication no mechanism agreed

Posted by Gordon Sim <gs...@redhat.com>.

On 05/13/2015 07:04 PM, Matt Broadstone wrote:
> Thanks for the quick response. I should have mentioned that I am indeed
> specifying a username and password to qpid-config: "qpid-config -a
> test\password@localhost" is what results in "no mechanism agreed".

That should be: qpid-config -a test/password@localhost

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@qpid.apache.org
For additional commands, e-mail: users-help@qpid.apache.org

Re: 0.32 cpp broker sasl authentication no mechanism agreed

Posted by Matt Broadstone <mb...@gmail.com>.

On Wed, May 13, 2015 at 2:00 PM, Chuck Rolke <cr...@redhat.com> wrote:

> See https://issues.apache.org/jira/browse/QPID-6511 . You need:
>
> --connection-options "{username:dummy}"
> or
> --connection-options "{sasl-mechanisms:ANONYMOUS}"
>
>
Hi Chuck,
Thanks for the quick response. I should have mentioned that I am indeed
specifying a username and password to qpid-config: "qpid-config -a
test\password@localhost" is what results in "no mechanism agreed". If I
omit the "mechanisms" section in the sasl2/qpidd.conf file everything
works, but because it seems to be defaulting back to ANONYMOUS.

Also, this ticket seems to refer to a server configured with no
authentication?

Matt



>
> ----- Original Message -----
> > From: "Matt Broadstone" <mb...@gmail.com>
> > To: "users" <us...@qpid.apache.org>
> > Sent: Wednesday, May 13, 2015 1:55:53 PM
> > Subject: 0.32 cpp broker sasl authentication no mechanism agreed
> >
> > Hi all,
> >
> > I've recently updated my development environment to run the 0.32 release
> of
> > qpidd (on ubuntu 14.04), and PLAIN sasl authentication no longer seems to
> > work. Trying to use "qpid-config" to simply list the exchanges now
> results
> > in a message indicating "no mechanism agreed".
> >
> > I've got the following configuration:
> >
> > /etc/qpid/qpidd.conf:
> >
> > port=5672
> > daemon=yes
> > log-to-syslog=yes
> > auth=yes
> > realm=QPID
> > store-dir=/var/run/qpidd
> >
> > /etc/sasl2/qpidd.conf:
> >
> > pwcheck_method: auxprop
> > auxprop_plugin: sasldb
> > sasldb_path: /var/lib/qpidd/qpidd.sasldb
> > mech_list: PLAIN
> > sql_select: dummy select
> >
> >
> > # checking to see that the added user exists:
> >
> > mbroadst@dev:~$ sasldblistusers2 /var/lib/qpidd/qpidd.sasldb
> > test@QPID: userPassword
> >
> > I'm not really sure where to look for more meaningful error output. I
> > tried running qpidd with -t to output trace data and from what I can
> > see during the attempted connection PLAIN is listed for
> > incoming/outgoing handshake messages. Can anyone point me towards
> > other relevant sources of information on the system to find the error
> > here?
> >
> > Regards,
> > Matt
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@qpid.apache.org
> For additional commands, e-mail: users-help@qpid.apache.org
>
>

Re: 0.32 cpp broker sasl authentication no mechanism agreed

Posted by Chuck Rolke <cr...@redhat.com>.

See https://issues.apache.org/jira/browse/QPID-6511 . You need:

--connection-options "{username:dummy}"
or
--connection-options "{sasl-mechanisms:ANONYMOUS}"


----- Original Message -----
> From: "Matt Broadstone" <mb...@gmail.com>
> To: "users" <us...@qpid.apache.org>
> Sent: Wednesday, May 13, 2015 1:55:53 PM
> Subject: 0.32 cpp broker sasl authentication no mechanism agreed
> 
> Hi all,
> 
> I've recently updated my development environment to run the 0.32 release of
> qpidd (on ubuntu 14.04), and PLAIN sasl authentication no longer seems to
> work. Trying to use "qpid-config" to simply list the exchanges now results
> in a message indicating "no mechanism agreed".
> 
> I've got the following configuration:
> 
> /etc/qpid/qpidd.conf:
> 
> port=5672
> daemon=yes
> log-to-syslog=yes
> auth=yes
> realm=QPID
> store-dir=/var/run/qpidd
> 
> /etc/sasl2/qpidd.conf:
> 
> pwcheck_method: auxprop
> auxprop_plugin: sasldb
> sasldb_path: /var/lib/qpidd/qpidd.sasldb
> mech_list: PLAIN
> sql_select: dummy select
> 
> 
> # checking to see that the added user exists:
> 
> mbroadst@dev:~$ sasldblistusers2 /var/lib/qpidd/qpidd.sasldb
> test@QPID: userPassword
> 
> I'm not really sure where to look for more meaningful error output. I
> tried running qpidd with -t to output trace data and from what I can
> see during the attempted connection PLAIN is listed for
> incoming/outgoing handshake messages. Can anyone point me towards
> other relevant sources of information on the system to find the error
> here?
> 
> Regards,
> Matt
> 

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@qpid.apache.org
For additional commands, e-mail: users-help@qpid.apache.org