You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@qpid.apache.org by "Robbie Gemmell (JIRA)" <ji...@apache.org> on 2011/05/12 14:11:47 UTC
[jira] [Resolved] (QPID-3249) Remove incomplete support for
authentication at virtualhost level
[ https://issues.apache.org/jira/browse/QPID-3249?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Robbie Gemmell resolved QPID-3249.
----------------------------------
Resolution: Fixed
Fix Version/s: 0.11
Patch applied.
> Remove incomplete support for authentication at virtualhost level
> ------------------------------------------------------------------
>
> Key: QPID-3249
> URL: https://issues.apache.org/jira/browse/QPID-3249
> Project: Qpid
> Issue Type: Improvement
> Components: Java Broker
> Affects Versions: 0.10
> Reporter: Keith Wall
> Assignee: Robbie Gemmell
> Priority: Minor
> Fix For: 0.11
>
> Attachments: 0001-QPID-3249-Remove-incomplete-support-for-authenticati.patch
>
>
> In addition to the principal db specified at the broker level, VirtualHostImpl tries to support authentication at virtualhost level. This concept is flawed as in Qpid, username and password _must_ be considered, before virtual host.
> i.e.
> {code}
> <virtualhost>
> <name>localhost</name>
> <localhost>
> ....
> <security>
> <!-- Would need protocol changes to allow this-->
> <authentication>
> <name>passwordfile</name>
> <!-- Currently this can't be used as Vhost isn't specified at connection start only connection open -->
> <mechanism>PLAIN</mechanism>
> </authentication>
> .....
> {code}
> The redundant implementation in VirtualHostImpl should be removed.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:dev-subscribe@qpid.apache.org