You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@qpid.apache.org by Jakub Scholz <ja...@scholz.cz> on 2015/04/01 09:29:57 UTC
Re: Qpid JMS 0.1.0 and SASL EXTERNAL
Hi Robbie,
Sorry, I didn't managed to test it yesterday. But I had a look at it now
and it seems to work nicely (tested against Qpid 0.22 / MRG-M 3.0). Thanks
a lot for fixing it.
The last major thing I seem to be missing for my use cases is the
possibility to select which specific certificate should be used for the
EXTERNAL authentication. Is that somewhere on your roadmap? Should I try to
prepare some patch based on how it is implemented in the older clients?
Thanks & Regards
Jakub
On Tue, Mar 31, 2015 at 7:24 PM, Robbie Gemmell <ro...@gmail.com>
wrote:
> Hi Jakub,
>
> I made a change to the client to resolve this, stopping the broker
> needing to send the challenge. I verified the change against qpidd
> 0.32.
>
> I prodded the nightly snapshot job to run earlier so a build with the
> changes are now available, if you want to test this or anything else
> the bug had prevented you trying. You can get the bits either by
> adding https://repository.apache.org/content/repositories/snapshots as
> a repo for your maven build and using the 0.2.0-SNAPSHOT client
> dependency, or by grabbing the src/bin archive from
>
> https://repository.apache.org/content/repositories/snapshots/org/apache/qpid/apache-qpid-jms/0.2.0-SNAPSHOT/
>
> Robbie
>
> On 26 March 2015 at 14:09, Jakub Scholz <ja...@scholz.cz> wrote:
> > I raised the JIRA - QPIDJMS-33. I also added the related logs from the
> > client and broker. Let me know if you need some more help reproducing it
> /
> > testing it.
> >
> > Robbie, it can definitely wait after your vacation is over - enjoy your
> > free time instead of fixing Qpid bugs :-).
> >
> > Regards
> > Jakub
> >
> > On Thu, Mar 26, 2015 at 2:27 PM, Robbie Gemmell <
> robbie.gemmell@gmail.com>
> > wrote:
> >
> >> Hi Jakub,
> >>
> >> Its meant to, but would seem not to be doing something correctly and
> >> so isnt playing well with the C++ broker as a result (I'll admit I
> >> only tested it against the Java broker when I added it).
> >>
> >> I'm a little surprised that the broker is actually challenging, but
> >> from a quick read of the rfc I would guess the client isnt sending the
> >> empty initial response and so the server is challenging using it and
> >> expecting an empty response that the client again fails to send. If
> >> thats the case I imagine the empty bytes are being dropped somewhere.
> >> I'll take a look when I get a chance, but it might not be until my
> >> vacation is done (Monday).
> >>
> >> Robbie
> >>
> >> On 26 March 2015 at 12:19, Jakub Scholz <ja...@scholz.cz> wrote:
> >> > Hi Robbie, Tim,
> >> >
> >> > I was wondering ... does the new JMS client already support SASL
> EXTERNAL
> >> > authentication? It looks like it selects the EXTERNAL mechanism when
> it
> >> is
> >> > offered by the broker, but it looks like it never responds to the
> >> challenge
> >> > sent by the broker (Qpid C++ 0.22 / MRG-M 3.0).
> >> >
> >> > Thanks & Regards
> >> > Jakub
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: users-unsubscribe@qpid.apache.org
> >> For additional commands, e-mail: users-help@qpid.apache.org
> >>
> >>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@qpid.apache.org
> For additional commands, e-mail: users-help@qpid.apache.org
>
>
Re: Qpid JMS 0.1.0 and SASL EXTERNAL
Posted by Jakub Scholz <ja...@scholz.cz>.
Hi Robbie,
Oki, great. Please let me know in case I can help you with testing or
something like that.
Thanks & Regards
Jakub
On Wed, Apr 1, 2015 at 2:29 PM, Robbie Gemmell <ro...@gmail.com>
wrote:
> Hi Jakub,
>
> I'll take a look at adding that in, it is something I noticed a while
> back but had admittedly forgotten about since. There are some things
> in that area I'd like to change so I'll add that too.
>
> Robbie
>
> On 1 April 2015 at 08:29, Jakub Scholz <ja...@scholz.cz> wrote:
> > Hi Robbie,
> >
> > Sorry, I didn't managed to test it yesterday. But I had a look at it now
> > and it seems to work nicely (tested against Qpid 0.22 / MRG-M 3.0).
> Thanks
> > a lot for fixing it.
> >
> > The last major thing I seem to be missing for my use cases is the
> > possibility to select which specific certificate should be used for the
> > EXTERNAL authentication. Is that somewhere on your roadmap? Should I try
> to
> > prepare some patch based on how it is implemented in the older clients?
> >
> > Thanks & Regards
> > Jakub
> >
> > On Tue, Mar 31, 2015 at 7:24 PM, Robbie Gemmell <
> robbie.gemmell@gmail.com>
> > wrote:
> >
> >> Hi Jakub,
> >>
> >> I made a change to the client to resolve this, stopping the broker
> >> needing to send the challenge. I verified the change against qpidd
> >> 0.32.
> >>
> >> I prodded the nightly snapshot job to run earlier so a build with the
> >> changes are now available, if you want to test this or anything else
> >> the bug had prevented you trying. You can get the bits either by
> >> adding https://repository.apache.org/content/repositories/snapshots as
> >> a repo for your maven build and using the 0.2.0-SNAPSHOT client
> >> dependency, or by grabbing the src/bin archive from
> >>
> >>
> https://repository.apache.org/content/repositories/snapshots/org/apache/qpid/apache-qpid-jms/0.2.0-SNAPSHOT/
> >>
> >> Robbie
> >>
> >> On 26 March 2015 at 14:09, Jakub Scholz <ja...@scholz.cz> wrote:
> >> > I raised the JIRA - QPIDJMS-33. I also added the related logs from the
> >> > client and broker. Let me know if you need some more help reproducing
> it
> >> /
> >> > testing it.
> >> >
> >> > Robbie, it can definitely wait after your vacation is over - enjoy
> your
> >> > free time instead of fixing Qpid bugs :-).
> >> >
> >> > Regards
> >> > Jakub
> >> >
> >> > On Thu, Mar 26, 2015 at 2:27 PM, Robbie Gemmell <
> >> robbie.gemmell@gmail.com>
> >> > wrote:
> >> >
> >> >> Hi Jakub,
> >> >>
> >> >> Its meant to, but would seem not to be doing something correctly and
> >> >> so isnt playing well with the C++ broker as a result (I'll admit I
> >> >> only tested it against the Java broker when I added it).
> >> >>
> >> >> I'm a little surprised that the broker is actually challenging, but
> >> >> from a quick read of the rfc I would guess the client isnt sending
> the
> >> >> empty initial response and so the server is challenging using it and
> >> >> expecting an empty response that the client again fails to send. If
> >> >> thats the case I imagine the empty bytes are being dropped somewhere.
> >> >> I'll take a look when I get a chance, but it might not be until my
> >> >> vacation is done (Monday).
> >> >>
> >> >> Robbie
> >> >>
> >> >> On 26 March 2015 at 12:19, Jakub Scholz <ja...@scholz.cz> wrote:
> >> >> > Hi Robbie, Tim,
> >> >> >
> >> >> > I was wondering ... does the new JMS client already support SASL
> >> EXTERNAL
> >> >> > authentication? It looks like it selects the EXTERNAL mechanism
> when
> >> it
> >> >> is
> >> >> > offered by the broker, but it looks like it never responds to the
> >> >> challenge
> >> >> > sent by the broker (Qpid C++ 0.22 / MRG-M 3.0).
> >> >> >
> >> >> > Thanks & Regards
> >> >> > Jakub
> >> >>
> >> >> ---------------------------------------------------------------------
> >> >> To unsubscribe, e-mail: users-unsubscribe@qpid.apache.org
> >> >> For additional commands, e-mail: users-help@qpid.apache.org
> >> >>
> >> >>
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: users-unsubscribe@qpid.apache.org
> >> For additional commands, e-mail: users-help@qpid.apache.org
> >>
> >>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@qpid.apache.org
> For additional commands, e-mail: users-help@qpid.apache.org
>
>
Re: Qpid JMS 0.1.0 and SASL EXTERNAL
Posted by Robbie Gemmell <ro...@gmail.com>.
Hi Jakub,
I'll take a look at adding that in, it is something I noticed a while
back but had admittedly forgotten about since. There are some things
in that area I'd like to change so I'll add that too.
Robbie
On 1 April 2015 at 08:29, Jakub Scholz <ja...@scholz.cz> wrote:
> Hi Robbie,
>
> Sorry, I didn't managed to test it yesterday. But I had a look at it now
> and it seems to work nicely (tested against Qpid 0.22 / MRG-M 3.0). Thanks
> a lot for fixing it.
>
> The last major thing I seem to be missing for my use cases is the
> possibility to select which specific certificate should be used for the
> EXTERNAL authentication. Is that somewhere on your roadmap? Should I try to
> prepare some patch based on how it is implemented in the older clients?
>
> Thanks & Regards
> Jakub
>
> On Tue, Mar 31, 2015 at 7:24 PM, Robbie Gemmell <ro...@gmail.com>
> wrote:
>
>> Hi Jakub,
>>
>> I made a change to the client to resolve this, stopping the broker
>> needing to send the challenge. I verified the change against qpidd
>> 0.32.
>>
>> I prodded the nightly snapshot job to run earlier so a build with the
>> changes are now available, if you want to test this or anything else
>> the bug had prevented you trying. You can get the bits either by
>> adding https://repository.apache.org/content/repositories/snapshots as
>> a repo for your maven build and using the 0.2.0-SNAPSHOT client
>> dependency, or by grabbing the src/bin archive from
>>
>> https://repository.apache.org/content/repositories/snapshots/org/apache/qpid/apache-qpid-jms/0.2.0-SNAPSHOT/
>>
>> Robbie
>>
>> On 26 March 2015 at 14:09, Jakub Scholz <ja...@scholz.cz> wrote:
>> > I raised the JIRA - QPIDJMS-33. I also added the related logs from the
>> > client and broker. Let me know if you need some more help reproducing it
>> /
>> > testing it.
>> >
>> > Robbie, it can definitely wait after your vacation is over - enjoy your
>> > free time instead of fixing Qpid bugs :-).
>> >
>> > Regards
>> > Jakub
>> >
>> > On Thu, Mar 26, 2015 at 2:27 PM, Robbie Gemmell <
>> robbie.gemmell@gmail.com>
>> > wrote:
>> >
>> >> Hi Jakub,
>> >>
>> >> Its meant to, but would seem not to be doing something correctly and
>> >> so isnt playing well with the C++ broker as a result (I'll admit I
>> >> only tested it against the Java broker when I added it).
>> >>
>> >> I'm a little surprised that the broker is actually challenging, but
>> >> from a quick read of the rfc I would guess the client isnt sending the
>> >> empty initial response and so the server is challenging using it and
>> >> expecting an empty response that the client again fails to send. If
>> >> thats the case I imagine the empty bytes are being dropped somewhere.
>> >> I'll take a look when I get a chance, but it might not be until my
>> >> vacation is done (Monday).
>> >>
>> >> Robbie
>> >>
>> >> On 26 March 2015 at 12:19, Jakub Scholz <ja...@scholz.cz> wrote:
>> >> > Hi Robbie, Tim,
>> >> >
>> >> > I was wondering ... does the new JMS client already support SASL
>> EXTERNAL
>> >> > authentication? It looks like it selects the EXTERNAL mechanism when
>> it
>> >> is
>> >> > offered by the broker, but it looks like it never responds to the
>> >> challenge
>> >> > sent by the broker (Qpid C++ 0.22 / MRG-M 3.0).
>> >> >
>> >> > Thanks & Regards
>> >> > Jakub
>> >>
>> >> ---------------------------------------------------------------------
>> >> To unsubscribe, e-mail: users-unsubscribe@qpid.apache.org
>> >> For additional commands, e-mail: users-help@qpid.apache.org
>> >>
>> >>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@qpid.apache.org
>> For additional commands, e-mail: users-help@qpid.apache.org
>>
>>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@qpid.apache.org
For additional commands, e-mail: users-help@qpid.apache.org