[jira] [Commented] (PROTON-735) SASL authentication failures appear as I/O failures

["Andrew Stitcher (JIRA)" <ji...@apache.org>]

    [ https://issues.apache.org/jira/browse/PROTON-735?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15731615#comment-15731615 ] 

Andrew Stitcher commented on PROTON-735:
----------------------------------------

0.9 is when the full sasl implementation went into proton so that is why it would be the fix version.

As of 0.15 clients are able to produce the SASL failure message from the server, so I think this issue is fixed.

> SASL authentication failures appear as I/O failures
> ---------------------------------------------------
>
>                 Key: PROTON-735
>                 URL: https://issues.apache.org/jira/browse/PROTON-735
>             Project: Qpid Proton
>          Issue Type: Bug
>          Components: proton-c
>    Affects Versions: 0.8
>            Reporter: Ken Giusti
>            Assignee: Andrew Stitcher
>              Labels: close-pending
>
> Using the current SASL api, an application has to poll the pn_sasl_t object's state (pn_sasl_state()) until a terminal state is reached (STATE_PASS/FAIL).
> Once the terminal state is reached, the outcome can be queried via pn_sasl_outcome.
> Unfortunately, when the sasl client receives an authentication failure outcome from the sasl server, the sasl layer returns PN_ERR from its input processing code.  This causes the pn_transport_push() to return a generic error.
> From the application's point of view, this effectively results in the transport failing *before* the sasl terminal state has been reached.  The application will interpret this event as a generic input failure on the transport - not the authentication failure it actually was.   



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org