You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@qpid.apache.org by "Pavel Moravec (JIRA)" <ji...@apache.org> on 2012/05/16 10:37:03 UTC
[jira] [Updated] (QPID-4003) qpid-cluster to allow --sasl-mechanism
option
[ https://issues.apache.org/jira/browse/QPID-4003?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Pavel Moravec updated QPID-4003:
--------------------------------
Attachment: qpid-cluster-mechList.patch
patch implementing --sasl-mechanism option. Simple copy&paste code from qpid-stat, I verified it works properly.
> qpid-cluster to allow --sasl-mechanism option
> ---------------------------------------------
>
> Key: QPID-4003
> URL: https://issues.apache.org/jira/browse/QPID-4003
> Project: Qpid
> Issue Type: Improvement
> Components: Python Tools
> Affects Versions: 0.14
> Reporter: Pavel Moravec
> Priority: Minor
> Labels: patch
> Attachments: qpid-cluster-mechList.patch
>
> Original Estimate: 2h
> Remaining Estimate: 2h
>
> Description of problem:
> qpid-cluster shall have option --sasl-mechanism to select which SASL authentication mechanism it wishes to use. Other qpid tools have it.
> That makes sense e.g. when more mechanisms are allowed and one wishes to authenticate qpid-cluster via Kerberos. Currently qpid-cluster picks up the most secure method (DIGEST-MD5) that can't be changed.
> Trivial patch is already proposed.
> Version-Release number of selected component (if applicable):
> qpid 0.14
> How reproducible:
> 100%
> Steps to Reproduce:
> 1. don't limit auth.mechanisms in /etc/sasl2/qpidd.conf (comment out mech_list there, if present)
> 2. have auth=yes in a clustered broker
> 3. Setup Kerberos credentials.
> 4. Try to run qpid-cluster authenticating via Kerberos.
>
> Actual results:
> There is no option to pick up a mechanism (in our case, GSSAPI).
> Expected results:
> Have --sasl-mechanism option available.
> Additional info:
> Easy patch proposed.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org