You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@qpid.apache.org by "Keith Wall (JIRA)" <ji...@apache.org> on 2011/05/09 17:38:07 UTC

[jira] [Created] (QPID-3249) Remove incomplete support for authenication at virtualhost level

Remove incomplete support for authenication at virtualhost level 
-----------------------------------------------------------------

                 Key: QPID-3249
                 URL: https://issues.apache.org/jira/browse/QPID-3249
             Project: Qpid
          Issue Type: Improvement
          Components: Java Broker
    Affects Versions: 0.10
            Reporter: Keith Wall
            Assignee: Keith Wall
            Priority: Minor


In addition to the principal db specified at the broker level, VirtualHostImpl tries to support authentication at virtualhost level.  This concept is flawed as in Qpid, username and password _must_ be considered, before virtual host.

i.e.

{code}
<virtualhost>
 <name>localhost</name>
 <localhost>
....
   <security>
     <!-- Would need protocol changes to allow this-->
     <authentication>
       <name>passwordfile</name>
       <!-- Currently this can't be used as Vhost isn't specified at connection start only connection open -->
       <mechanism>PLAIN</mechanism>
     </authentication>
.....

{code}


The redundant implementation in VirtualHostImpl should be removed.



--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project:      http://qpid.apache.org
Use/Interact: mailto:dev-subscribe@qpid.apache.org

[jira] [Updated] (QPID-3249) Remove incomplete support for authentication at virtualhost level

Posted by "Keith Wall (JIRA)" <ji...@apache.org>.

     [ https://issues.apache.org/jira/browse/QPID-3249?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Keith Wall updated QPID-3249:
-----------------------------

    Attachment: 0001-QPID-3249-Remove-incomplete-support-for-authenticati.patch

Attached patch.   This patch refactors VirtualHostImpl to remove its dependency on PrincipalAuthenticationManager.  Added unit tests to PrincipalAuthenticationManager to support the change.

> Remove incomplete support for authentication at virtualhost level 
> ------------------------------------------------------------------
>
>                 Key: QPID-3249
>                 URL: https://issues.apache.org/jira/browse/QPID-3249
>             Project: Qpid
>          Issue Type: Improvement
>          Components: Java Broker
>    Affects Versions: 0.10
>            Reporter: Keith Wall
>            Assignee: Keith Wall
>            Priority: Minor
>         Attachments: 0001-QPID-3249-Remove-incomplete-support-for-authenticati.patch
>
>
> In addition to the principal db specified at the broker level, VirtualHostImpl tries to support authentication at virtualhost level.  This concept is flawed as in Qpid, username and password _must_ be considered, before virtual host.
> i.e.
> {code}
> <virtualhost>
>  <name>localhost</name>
>  <localhost>
> ....
>    <security>
>      <!-- Would need protocol changes to allow this-->
>      <authentication>
>        <name>passwordfile</name>
>        <!-- Currently this can't be used as Vhost isn't specified at connection start only connection open -->
>        <mechanism>PLAIN</mechanism>
>      </authentication>
> .....
> {code}
> The redundant implementation in VirtualHostImpl should be removed.

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project:      http://qpid.apache.org
Use/Interact: mailto:dev-subscribe@qpid.apache.org

[jira] [Resolved] (QPID-3249) Remove incomplete support for authentication at virtualhost level

Posted by "Robbie Gemmell (JIRA)" <ji...@apache.org>.

     [ https://issues.apache.org/jira/browse/QPID-3249?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Robbie Gemmell resolved QPID-3249.
----------------------------------

       Resolution: Fixed
    Fix Version/s: 0.11

Patch applied.

> Remove incomplete support for authentication at virtualhost level 
> ------------------------------------------------------------------
>
>                 Key: QPID-3249
>                 URL: https://issues.apache.org/jira/browse/QPID-3249
>             Project: Qpid
>          Issue Type: Improvement
>          Components: Java Broker
>    Affects Versions: 0.10
>            Reporter: Keith Wall
>            Assignee: Robbie Gemmell
>            Priority: Minor
>             Fix For: 0.11
>
>         Attachments: 0001-QPID-3249-Remove-incomplete-support-for-authenticati.patch
>
>
> In addition to the principal db specified at the broker level, VirtualHostImpl tries to support authentication at virtualhost level.  This concept is flawed as in Qpid, username and password _must_ be considered, before virtual host.
> i.e.
> {code}
> <virtualhost>
>  <name>localhost</name>
>  <localhost>
> ....
>    <security>
>      <!-- Would need protocol changes to allow this-->
>      <authentication>
>        <name>passwordfile</name>
>        <!-- Currently this can't be used as Vhost isn't specified at connection start only connection open -->
>        <mechanism>PLAIN</mechanism>
>      </authentication>
> .....
> {code}
> The redundant implementation in VirtualHostImpl should be removed.

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project:      http://qpid.apache.org
Use/Interact: mailto:dev-subscribe@qpid.apache.org

[jira] [Assigned] (QPID-3249) Remove incomplete support for authentication at virtualhost level

Posted by "Keith Wall (JIRA)" <ji...@apache.org>.

     [ https://issues.apache.org/jira/browse/QPID-3249?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Keith Wall reassigned QPID-3249:
--------------------------------

    Assignee: Robbie Gemmell  (was: Keith Wall)

Hi Robbie - would you mind reviewing please?

> Remove incomplete support for authentication at virtualhost level 
> ------------------------------------------------------------------
>
>                 Key: QPID-3249
>                 URL: https://issues.apache.org/jira/browse/QPID-3249
>             Project: Qpid
>          Issue Type: Improvement
>          Components: Java Broker
>    Affects Versions: 0.10
>            Reporter: Keith Wall
>            Assignee: Robbie Gemmell
>            Priority: Minor
>         Attachments: 0001-QPID-3249-Remove-incomplete-support-for-authenticati.patch
>
>
> In addition to the principal db specified at the broker level, VirtualHostImpl tries to support authentication at virtualhost level.  This concept is flawed as in Qpid, username and password _must_ be considered, before virtual host.
> i.e.
> {code}
> <virtualhost>
>  <name>localhost</name>
>  <localhost>
> ....
>    <security>
>      <!-- Would need protocol changes to allow this-->
>      <authentication>
>        <name>passwordfile</name>
>        <!-- Currently this can't be used as Vhost isn't specified at connection start only connection open -->
>        <mechanism>PLAIN</mechanism>
>      </authentication>
> .....
> {code}
> The redundant implementation in VirtualHostImpl should be removed.

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project:      http://qpid.apache.org
Use/Interact: mailto:dev-subscribe@qpid.apache.org

[jira] [Updated] (QPID-3249) Remove incomplete support for authentication at virtualhost level

Posted by "Keith Wall (JIRA)" <ji...@apache.org>.

     [ https://issues.apache.org/jira/browse/QPID-3249?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Keith Wall updated QPID-3249:
-----------------------------

    Summary: Remove incomplete support for authentication at virtualhost level   (was: Remove incomplete support for authenication at virtualhost level )

> Remove incomplete support for authentication at virtualhost level 
> ------------------------------------------------------------------
>
>                 Key: QPID-3249
>                 URL: https://issues.apache.org/jira/browse/QPID-3249
>             Project: Qpid
>          Issue Type: Improvement
>          Components: Java Broker
>    Affects Versions: 0.10
>            Reporter: Keith Wall
>            Assignee: Keith Wall
>            Priority: Minor
>
> In addition to the principal db specified at the broker level, VirtualHostImpl tries to support authentication at virtualhost level.  This concept is flawed as in Qpid, username and password _must_ be considered, before virtual host.
> i.e.
> {code}
> <virtualhost>
>  <name>localhost</name>
>  <localhost>
> ....
>    <security>
>      <!-- Would need protocol changes to allow this-->
>      <authentication>
>        <name>passwordfile</name>
>        <!-- Currently this can't be used as Vhost isn't specified at connection start only connection open -->
>        <mechanism>PLAIN</mechanism>
>      </authentication>
> .....
> {code}
> The redundant implementation in VirtualHostImpl should be removed.

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project:      http://qpid.apache.org
Use/Interact: mailto:dev-subscribe@qpid.apache.org

[jira] [Updated] (QPID-3249) Remove incomplete support for authentication at virtualhost level

Posted by "Keith Wall (JIRA)" <ji...@apache.org>.

     [ https://issues.apache.org/jira/browse/QPID-3249?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Keith Wall updated QPID-3249:
-----------------------------

    Status: Ready To Review  (was: In Progress)

> Remove incomplete support for authentication at virtualhost level 
> ------------------------------------------------------------------
>
>                 Key: QPID-3249
>                 URL: https://issues.apache.org/jira/browse/QPID-3249
>             Project: Qpid
>          Issue Type: Improvement
>          Components: Java Broker
>    Affects Versions: 0.10
>            Reporter: Keith Wall
>            Assignee: Keith Wall
>            Priority: Minor
>         Attachments: 0001-QPID-3249-Remove-incomplete-support-for-authenticati.patch
>
>
> In addition to the principal db specified at the broker level, VirtualHostImpl tries to support authentication at virtualhost level.  This concept is flawed as in Qpid, username and password _must_ be considered, before virtual host.
> i.e.
> {code}
> <virtualhost>
>  <name>localhost</name>
>  <localhost>
> ....
>    <security>
>      <!-- Would need protocol changes to allow this-->
>      <authentication>
>        <name>passwordfile</name>
>        <!-- Currently this can't be used as Vhost isn't specified at connection start only connection open -->
>        <mechanism>PLAIN</mechanism>
>      </authentication>
> .....
> {code}
> The redundant implementation in VirtualHostImpl should be removed.

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project:      http://qpid.apache.org
Use/Interact: mailto:dev-subscribe@qpid.apache.org