You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@qpid.apache.org by ju...@centrum.cz on 2010/12/15 11:03:20 UTC
Error creating connection: The following SASL mechanisms [PLAIN] specified by the client are not supported by the broker
Hi guys,
I am trying to reach a qpidd broker started with the --auth no option from a Java client (both version 0.8) and am receiving the following exception:
javax.jms.JMSException: Error creating connection: The following SASL mechanisms [PLAIN] specified by the client are not supported by the broker
at org.apache.qpid.client.AMQConnectionFactory.createConnection(AMQConnectionFactory.java:286)
....
My JNDI/JMS configuration is:
java.naming.factory.initial = org.apache.qpid.jndi.PropertiesFileInitialContextFactory
connectionfactory.qpidConnectionfactory = amqp://guest:guest@clientid/abcd?brokerlist='tcp://localhost:5672'
destination.mainSend = direct://amq.direct//step.01
It worked just fine in 0.6 but no success now in 0.8.
What am I doing wrong? Any clues?
Thanks for any hints!
Ibisek
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:users-subscribe@qpid.apache.org
RE: Error creating connection: The following SASL mechanisms [PLAIN] specified by the client are not supported by the broker
Posted by blume <ju...@centrum.cz>.
All right, I've created https://issues.apache.org/jira/browse/QPID-2979 (hopefully correctly)
Ibisek
______________________________________________________________
> Od: "Steve Huston" <sh...@riverace.com>
> Komu: <us...@qpid.apache.org>
> Datum: 15.12.2010 14:58
> Předmět: RE: Error creating connection: The following SASL mechanisms [PLAIN] specified by the client are not supported by the broker
>
>Good morning.
>
>> -----Original Message-----
>> From: Gordon Sim [mailto:gsim@redhat.com]
>>
>> On 12/15/2010 12:57 PM, junkmailxx@centrum.cz wrote:
>> >
>> > All right, will see what the 0.9 brings.
>
>Could you please enter a JIRA for this issue? Else 0.9 won't bring
>anything ;-)
>
>> For now it would probably be simplest to not use auth=no, and simply
>> setup a trivial user database with guest as the only user.
>>
>> (I don't know anything yet about how the broker on windows manages
>> users, so can't tell you exactly how to do that. I'm sure Steve will
>> chip in though).
>
>Add a regular Windows user "guest" with the desired password.
>
>-Steve
>
>
>---------------------------------------------------------------------
>Apache Qpid - AMQP Messaging Implementation
>Project: http://qpid.apache.org
>Use/Interact: mailto:users-subscribe@qpid.apache.org
>
>
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:users-subscribe@qpid.apache.org
Re: Error creating connection: The following SASL mechanisms [PLAIN]
specified by the client are not supported by the broker
Posted by Gordon Sim <gs...@redhat.com>.
On 12/15/2010 01:57 PM, Steve Huston wrote:
>> -----Original Message-----
>> From: Gordon Sim [mailto:gsim@redhat.com]
>> For now it would probably be simplest to not use auth=no, and simply
>> setup a trivial user database with guest as the only user.
>>
>> (I don't know anything yet about how the broker on windows manages
>> users, so can't tell you exactly how to do that. I'm sure Steve will
>> chip in though).
>
> Add a regular Windows user "guest" with the desired password.
Ah; nice and simple! Thanks Steve!
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:users-subscribe@qpid.apache.org
RE: Error creating connection: The following SASL mechanisms [PLAIN] specified by the client are not supported by the broker
Posted by Steve Huston <sh...@riverace.com>.
Good morning.
> -----Original Message-----
> From: Gordon Sim [mailto:gsim@redhat.com]
>
> On 12/15/2010 12:57 PM, junkmailxx@centrum.cz wrote:
> >
> > All right, will see what the 0.9 brings.
Could you please enter a JIRA for this issue? Else 0.9 won't bring
anything ;-)
> For now it would probably be simplest to not use auth=no, and simply
> setup a trivial user database with guest as the only user.
>
> (I don't know anything yet about how the broker on windows manages
> users, so can't tell you exactly how to do that. I'm sure Steve will
> chip in though).
Add a regular Windows user "guest" with the desired password.
-Steve
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:users-subscribe@qpid.apache.org
Re: Error creating connection: The following SASL mechanisms [PLAIN]
specified by the client are not supported by the broker
Posted by Gordon Sim <gs...@redhat.com>.
On 12/15/2010 12:57 PM, junkmailxx@centrum.cz wrote:
>
> All right, will see what the 0.9 brings.
For now it would probably be simplest to not use auth=no, and simply
setup a trivial user database with guest as the only user.
(I don't know anything yet about how the broker on windows manages
users, so can't tell you exactly how to do that. I'm sure Steve will
chip in though).
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:users-subscribe@qpid.apache.org
Re: Error creating connection: The following SASL mechanisms [PLAIN] specified by the client are not supported by the broker
Posted by ju...@centrum.cz.
All right, will see what the 0.9 brings.
Thank you for the interaction!
Ibisek
______________________________________________________________
> Od: "Gordon Sim" <gs...@redhat.com>
> Komu: users@qpid.apache.org
> Datum: 15.12.2010 13:49
> Předmět: Re: Error creating connection: The following SASL mechanisms [PLAIN] specified by the client are not supported by the broker
>
>On 12/15/2010 10:48 AM, junkmailxx@centrum.cz wrote:
>> I am getting this:
>>
>> C:Program Filesapache-qpidc-0.8bin>qpidd --auth no --log-enable info+ --log-enable trace+:amqp_0_10
>> 2010-12-15 11:42:48 info Management enabled
>> 2010-12-15 11:42:48 notice SASL disabled: No Authentication Performed
>> 2010-12-15 11:42:48 info Policy file not specified. ACL Disabled, no ACL checking being done!
>> 2010-12-15 11:42:48 error Failed to initialise SSL listener: The credentials supplied to the package were not recognized (........cpps
>> rcqpidbrokerwindowsSslProtocolFactory.cpp:177)
>> 2010-12-15 11:42:48 notice Listening on TCP port 5672
>> 5672
>> 2010-12-15 11:42:48 notice Broker running
>> 2010-12-15 11:42:53 trace SENT 127.0.0.1:1786 INIT(0-10)
>> 2010-12-15 11:42:53 trace SENT [127.0.0.1:1786]: Frame[BEbe; channel=0; {ConnectionStartBody: server-properties={qpid.federation_tag:V2:36:s
>> tr16(96790865-dc5c-427a-affe-70d021653737)}; mechanisms=str16{V2:9:str16(ANONYMOUS)}; locales=str16{V2:5:str16(en_US)}; }]
>>
>>
>> When I run it with the -t option, I get:
>>
>> 2010-12-15 11:45:56 trace SEND raiseEvent (v1) class=org.apache.qpid.broker.clientDisconnect
>> 2010-12-15 11:46:01 debug RECV [127.0.0.1:1794] INIT(0-10)
>> 2010-12-15 11:46:01 trace SENT 127.0.0.1:1794 INIT(0-10)
>> 2010-12-15 11:46:01 trace SENT [127.0.0.1:1794]: Frame[BEbe; channel=0; {ConnectionStartBody: server-properties={qpid.federation_tag:V2:36:s
>> tr16(96790865-dc5c-427a-affe-70d021653737)}; mechanisms=str16{V2:9:str16(ANONYMOUS)}; locales=str16{V2:5:str16(en_US)}; }]
>> 2010-12-15 11:46:01 debug DISCONNECTED [127.0.0.1:1794]
>> 2010-12-15 11:46:01 trace SEND raiseEvent (v1) class=org.apache.qpid.broker.clientDisconnect
>>
>>
>> Running qpidd 0.8 from from the Contributed C++ Package-> Windows Installer download section on Windows XP.
>
>Ok, as you can see the windows broker behaves slightly differently with
>--auth no, and only offers ANONYMOUS.
>
>Unfortunately at present there is no implementation of that mechanism
>for java (either in the SunSASL provider or explicitly provided by
>Qpid). It would not be difficult to add I imagine.
>
>Perhaps the behaviour of the windows broker in this regard has changed
>in 0.8, intentionally or otherwise(?). However I can't see any obvious
>change.
>
>It would be an easy fix on the broker side (the handling of PLAIN is
>still there for the auth=no case, just need to advertise the mech).
>
>
>
>---------------------------------------------------------------------
>Apache Qpid - AMQP Messaging Implementation
>Project: http://qpid.apache.org
>Use/Interact: mailto:users-subscribe@qpid.apache.org
>
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:users-subscribe@qpid.apache.org
Re: Error creating connection: The following SASL mechanisms [PLAIN]
specified by the client are not supported by the broker
Posted by Gordon Sim <gs...@redhat.com>.
On 12/15/2010 10:48 AM, junkmailxx@centrum.cz wrote:
> I am getting this:
>
> C:Program Filesapache-qpidc-0.8bin>qpidd --auth no --log-enable info+ --log-enable trace+:amqp_0_10
> 2010-12-15 11:42:48 info Management enabled
> 2010-12-15 11:42:48 notice SASL disabled: No Authentication Performed
> 2010-12-15 11:42:48 info Policy file not specified. ACL Disabled, no ACL checking being done!
> 2010-12-15 11:42:48 error Failed to initialise SSL listener: The credentials supplied to the package were not recognized (........cpps
> rcqpidbrokerwindowsSslProtocolFactory.cpp:177)
> 2010-12-15 11:42:48 notice Listening on TCP port 5672
> 5672
> 2010-12-15 11:42:48 notice Broker running
> 2010-12-15 11:42:53 trace SENT 127.0.0.1:1786 INIT(0-10)
> 2010-12-15 11:42:53 trace SENT [127.0.0.1:1786]: Frame[BEbe; channel=0; {ConnectionStartBody: server-properties={qpid.federation_tag:V2:36:s
> tr16(96790865-dc5c-427a-affe-70d021653737)}; mechanisms=str16{V2:9:str16(ANONYMOUS)}; locales=str16{V2:5:str16(en_US)}; }]
>
>
> When I run it with the -t option, I get:
>
> 2010-12-15 11:45:56 trace SEND raiseEvent (v1) class=org.apache.qpid.broker.clientDisconnect
> 2010-12-15 11:46:01 debug RECV [127.0.0.1:1794] INIT(0-10)
> 2010-12-15 11:46:01 trace SENT 127.0.0.1:1794 INIT(0-10)
> 2010-12-15 11:46:01 trace SENT [127.0.0.1:1794]: Frame[BEbe; channel=0; {ConnectionStartBody: server-properties={qpid.federation_tag:V2:36:s
> tr16(96790865-dc5c-427a-affe-70d021653737)}; mechanisms=str16{V2:9:str16(ANONYMOUS)}; locales=str16{V2:5:str16(en_US)}; }]
> 2010-12-15 11:46:01 debug DISCONNECTED [127.0.0.1:1794]
> 2010-12-15 11:46:01 trace SEND raiseEvent (v1) class=org.apache.qpid.broker.clientDisconnect
>
>
> Running qpidd 0.8 from from the Contributed C++ Package-> Windows Installer download section on Windows XP.
Ok, as you can see the windows broker behaves slightly differently with
--auth no, and only offers ANONYMOUS.
Unfortunately at present there is no implementation of that mechanism
for java (either in the SunSASL provider or explicitly provided by
Qpid). It would not be difficult to add I imagine.
Perhaps the behaviour of the windows broker in this regard has changed
in 0.8, intentionally or otherwise(?). However I can't see any obvious
change.
It would be an easy fix on the broker side (the handling of PLAIN is
still there for the auth=no case, just need to advertise the mech).
Re: Error creating connection: The following SASL mechanisms [PLAIN] specified by the client are not supported by the broker
Posted by ju...@centrum.cz.
Hi Gordon,
I am getting this:
C:Program Filesapache-qpidc-0.8bin>qpidd --auth no --log-enable info+ --log-enable trace+:amqp_0_10
2010-12-15 11:42:48 info Management enabled
2010-12-15 11:42:48 notice SASL disabled: No Authentication Performed
2010-12-15 11:42:48 info Policy file not specified. ACL Disabled, no ACL checking being done!
2010-12-15 11:42:48 error Failed to initialise SSL listener: The credentials supplied to the package were not recognized (........cpps
rcqpidbrokerwindowsSslProtocolFactory.cpp:177)
2010-12-15 11:42:48 notice Listening on TCP port 5672
5672
2010-12-15 11:42:48 notice Broker running
2010-12-15 11:42:53 trace SENT 127.0.0.1:1786 INIT(0-10)
2010-12-15 11:42:53 trace SENT [127.0.0.1:1786]: Frame[BEbe; channel=0; {ConnectionStartBody: server-properties={qpid.federation_tag:V2:36:s
tr16(96790865-dc5c-427a-affe-70d021653737)}; mechanisms=str16{V2:9:str16(ANONYMOUS)}; locales=str16{V2:5:str16(en_US)}; }]
When I run it with the -t option, I get:
2010-12-15 11:45:56 trace SEND raiseEvent (v1) class=org.apache.qpid.broker.clientDisconnect
2010-12-15 11:46:01 debug RECV [127.0.0.1:1794] INIT(0-10)
2010-12-15 11:46:01 trace SENT 127.0.0.1:1794 INIT(0-10)
2010-12-15 11:46:01 trace SENT [127.0.0.1:1794]: Frame[BEbe; channel=0; {ConnectionStartBody: server-properties={qpid.federation_tag:V2:36:s
tr16(96790865-dc5c-427a-affe-70d021653737)}; mechanisms=str16{V2:9:str16(ANONYMOUS)}; locales=str16{V2:5:str16(en_US)}; }]
2010-12-15 11:46:01 debug DISCONNECTED [127.0.0.1:1794]
2010-12-15 11:46:01 trace SEND raiseEvent (v1) class=org.apache.qpid.broker.clientDisconnect
Running qpidd 0.8 from from the Contributed C++ Package- > Windows Installer download section on Windows XP.
______________________________________________________________
> Od: "Gordon Sim" <gs...@redhat.com>
> Komu: users@qpid.apache.org
> Datum: 15.12.2010 11:38
> Předmět: Re: Error creating connection: The following SASL mechanisms [PLAIN] specified by the client are not supported by the broker
>
>On 12/15/2010 10:03 AM, junkmailxx@centrum.cz wrote:
>> I am trying to reach a qpidd broker started with the --auth no option from a Java client (both version 0.8) and am receiving the following exception:
>>
>> javax.jms.JMSException: Error creating connection: The following SASL mechanisms [PLAIN] specified by the client are not supported by the broker
>> at org.apache.qpid.client.AMQConnectionFactory.createConnection(AMQConnectionFactory.java:286)
>> ....
>>
>> My JNDI/JMS configuration is:
>>
>> java.naming.factory.initial = org.apache.qpid.jndi.PropertiesFileInitialContextFactory
>> connectionfactory.qpidConnectionfactory = amqp://guest:guest@clientid/abcd?brokerlist='tcp://localhost:5672'
>> destination.mainSend = direct://amq.direct//step.01
>>
>> It worked just fine in 0.6 but no success now in 0.8.
>>
>> What am I doing wrong? Any clues?
>
>Try turn ing on tracing on the broker side (--log-enable info+
>--log-enable trace+:amqp_0_10 is how I do that). You should see
>something like the following:
>
>> 2010-12-15 10:31:50 trace SENT 127.0.0.1:45652 INIT(0-10)
>> 2010-12-15 10:31:50 trace SENT [127.0.0.1:45652]: Frame[BEbe; channel=0; {ConnectionStartBody: server-properties={qpid.federation_tag:V2:36:str16(06f558c7-37a1-4d15-a0fb-4586355a6598)}; mechanisms=str16{V2:9:str16(ANONYMOUS), V2:5:str16(PLAIN)}; locales=str16{V2:5:str16(en_US)}; }]
>> 2010-12-15 10:31:50 trace RECV [127.0.0.1:45652]: Frame[BEbe; channel=0; {ConnectionStartOkBody: client-properties={qpid.client_pid:F4:int32(6173),qpid.client_process:V2:16:str16(Qpid Java Client),qpid.session_flow:F4:int32(1)}; mechanism=PLAIN; response=xxxxxx; }]
>> 2010-12-15 10:31:50 trace SENT [127.0.0.1:45652]: Frame[BEbe; channel=0; {ConnectionTuneBody: channel-max=32767; max-frame-size=65535; heartbeat-min=0; heartbeat-max=120; }]
>
>With --auth no specified, qpidd should always offer ANONYMOUS and PLAIN
>(though it doesn't actually attempt to verify users in the PLAIN case in
>anyway) as seen here in the ConnectionStart. The client should then be
>able to choose PLAIN without issue (as seen in the following
>ConnectionStartOk).
>
>What is the interaction you are seeing here? What platform are you
>running the broker on?
>
>---------------------------------------------------------------------
>Apache Qpid - AMQP Messaging Implementation
>Project: http://qpid.apache.org
>Use/Interact: mailto:users-subscribe@qpid.apache.org
>
>
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:users-subscribe@qpid.apache.org
Re: Error creating connection: The following SASL mechanisms [PLAIN]
specified by the client are not supported by the broker
Posted by Gordon Sim <gs...@redhat.com>.
On 12/15/2010 10:03 AM, junkmailxx@centrum.cz wrote:
> I am trying to reach a qpidd broker started with the --auth no option from a Java client (both version 0.8) and am receiving the following exception:
>
> javax.jms.JMSException: Error creating connection: The following SASL mechanisms [PLAIN] specified by the client are not supported by the broker
> at org.apache.qpid.client.AMQConnectionFactory.createConnection(AMQConnectionFactory.java:286)
> ....
>
> My JNDI/JMS configuration is:
>
> java.naming.factory.initial = org.apache.qpid.jndi.PropertiesFileInitialContextFactory
> connectionfactory.qpidConnectionfactory = amqp://guest:guest@clientid/abcd?brokerlist='tcp://localhost:5672'
> destination.mainSend = direct://amq.direct//step.01
>
> It worked just fine in 0.6 but no success now in 0.8.
>
> What am I doing wrong? Any clues?
Try turn ing on tracing on the broker side (--log-enable info+
--log-enable trace+:amqp_0_10 is how I do that). You should see
something like the following:
> 2010-12-15 10:31:50 trace SENT 127.0.0.1:45652 INIT(0-10)
> 2010-12-15 10:31:50 trace SENT [127.0.0.1:45652]: Frame[BEbe; channel=0; {ConnectionStartBody: server-properties={qpid.federation_tag:V2:36:str16(06f558c7-37a1-4d15-a0fb-4586355a6598)}; mechanisms=str16{V2:9:str16(ANONYMOUS), V2:5:str16(PLAIN)}; locales=str16{V2:5:str16(en_US)}; }]
> 2010-12-15 10:31:50 trace RECV [127.0.0.1:45652]: Frame[BEbe; channel=0; {ConnectionStartOkBody: client-properties={qpid.client_pid:F4:int32(6173),qpid.client_process:V2:16:str16(Qpid Java Client),qpid.session_flow:F4:int32(1)}; mechanism=PLAIN; response=xxxxxx; }]
> 2010-12-15 10:31:50 trace SENT [127.0.0.1:45652]: Frame[BEbe; channel=0; {ConnectionTuneBody: channel-max=32767; max-frame-size=65535; heartbeat-min=0; heartbeat-max=120; }]
With --auth no specified, qpidd should always offer ANONYMOUS and PLAIN
(though it doesn't actually attempt to verify users in the PLAIN case in
anyway) as seen here in the ConnectionStart. The client should then be
able to choose PLAIN without issue (as seen in the following
ConnectionStartOk).
What is the interaction you are seeing here? What platform are you
running the broker on?
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:users-subscribe@qpid.apache.org