You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@qpid.apache.org by Andrew Kennedy <an...@gmail.com> on 2010/06/07 12:16:28 UTC
Connection close codes question
All,
I raised QPID-2648 to try and add the 403 (Unauthorized Access)
exception code as a way of indicating why a 0-10 connection might be
closed due to a security ACL failure, since the only codes available
to me were:
200 / NORMAL
320 / CONNECTION_FORCED
402 / INVALID_PATH
501 / FRAMING_ERROR
None of these seems to fit - I really don't want to close a connection
with a code of 200 when there's a security failure, but adding the 403
to the connection close codes is not allowed, since it isn't listed in
the actual specs.
So - Is there some other way of signalling other forms of abnormal
connection close? What would be the result of sending a 403 code
*anyway* when closing a 0-10 connection?
Andrew.
--
-- andrew d kennedy ? edinburgh : +44 7941 197 134
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:dev-subscribe@qpid.apache.org
Re: Connection close codes question
Posted by Gordon Sim <gs...@redhat.com>.
On 06/07/2010 11:16 AM, Andrew Kennedy wrote:
> All,
>
> I raised QPID-2648 to try and add the 403 (Unauthorized Access)
> exception code as a way of indicating why a 0-10 connection might be
> closed due to a security ACL failure, since the only codes available
> to me were:
>
> 200 / NORMAL
> 320 / CONNECTION_FORCED
> 402 / INVALID_PATH
> 501 / FRAMING_ERROR
>
> None of these seems to fit - I really don't want to close a connection
> with a code of 200 when there's a security failure, but adding the 403
> to the connection close codes is not allowed, since it isn't listed in
> the actual specs.
The 403, UNAUTHORIZED_ACCESS as defined in the specification is an
execution exception and relates only to the session, not the whole
connection.
> So - Is there some other way of signalling other forms of abnormal
> connection close?
The c++ broker uses 320, CONNECTION_FORCED to indicate an authentication
failure; that case is missing a code in the specification.
> What would be the result of sending a 403 code
> *anyway* when closing a 0-10 connection?
>
> Andrew.
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:dev-subscribe@qpid.apache.org