You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@qpid.apache.org by "ASF subversion and git services (JIRA)" <ji...@apache.org> on 2015/05/01 22:49:09 UTC

[jira] [Commented] (QPID-6511) [C++ Broker, clients] AMQP 0-10 windows clients can not connect to --no-auth broker

    [ https://issues.apache.org/jira/browse/QPID-6511?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14523903#comment-14523903 ] 

ASF subversion and git services commented on QPID-6511:
-------------------------------------------------------

Commit 1677224 from chug@apache.org in branch 'qpid/trunk'
[ https://svn.apache.org/r1677224 ]

QPID-6511: AMQP 0.10 windows clients cannot connect to no-auth qpidd broker.

1. Do not negotiate SASL EXTERNAL or PLAIN if no username is
   specified. Note that a blank PLAIN password is allowed.
2. If SASL ANONYMOUS is negotiated then return a response of
   "anonymous@<hostname>", which is what the linux client returns.

The client provides a username for the host in all cases.

> [C++ Broker, clients] AMQP 0-10 windows clients can not connect to --no-auth broker
> -----------------------------------------------------------------------------------
>
>                 Key: QPID-6511
>                 URL: https://issues.apache.org/jira/browse/QPID-6511
>             Project: Qpid
>          Issue Type: Bug
>          Components: C++ Broker, C++ Client
>    Affects Versions: 0.32
>         Environment: C++ Broker, windows client (drain or spout)
>            Reporter: Chuck Rolke
>            Assignee: Chuck Rolke
>         Attachments: bz1192924-linux_client-spout_1-no-args_2-username_3-sasl-anon.html, bz1192924-win_client-spout_1-no-args_2-username_3-sasl-anon.html
>
>
> Broker
> {noformat}
> ./qpidd --auth no
> {noformat}
> Windows client
> {noformat}
> spout -b my-broker:5672 amq.topic
> {noformat}
> Fails with "Not authenticated!"
> The behavior change was in the broker as part of QPID-6325. Arguably the change is a good thing as it prevents clients connecting to the broker with no name. However, it makes for a poor out-of-the-box experience with a no-auth broker rejecting connections with an auth error. 
> Clients can make a connection by adding:
> {noformat}
> --connection-options "{username:dummy}"
> or
> --connection-options "{sasl-mechanisms:ANONYMOUS}"
> {noformat}
> But the change breaks years of accumulated self tests that work just fine against older versions of qpidd.
> The proposal to fix this is to make the Windows client provide the same connection defaults as linux cyrus sasl. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org