You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@qpid.apache.org by "Ken Giusti (JIRA)" <qp...@incubator.apache.org> on 2009/09/14 18:49:57 UTC

[jira] Updated: (QPID-1899) --require-encryption doesn't work unless cyrus sasl authentication is turned on

     [ https://issues.apache.org/jira/browse/QPID-1899?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Ken Giusti updated QPID-1899:
-----------------------------

    Attachment: qpid-1899-hacky.patch

Hi Gordon,

I've tried implementing the hacky/safe approach (see patch).   I tested it against perftest running in the clear with authentication.  When I run the broker with --auth no --require-encryption,  the connection is refused as expected.    However, if I run broker with --auth yes & --require-encryption,  the unencrypted (but authenticated) perftest connection succeeds - is that correct behavior?

In the meantime, I'll try implementing the "cleaner" approach...

thanks,  
-K

> --require-encryption doesn't work unless cyrus sasl authentication is turned on
> -------------------------------------------------------------------------------
>
>                 Key: QPID-1899
>                 URL: https://issues.apache.org/jira/browse/QPID-1899
>             Project: Qpid
>          Issue Type: Bug
>          Components: C++ Broker
>    Affects Versions: 0.5
>            Reporter: Gordon Sim
>            Assignee: Gordon Sim
>             Fix For: 0.6
>
>         Attachments: qpid-1899-hacky.patch
>
>
> If you specify --require-encryption and --auth no then the broker will allow un-encrypted conections. (If on the other hand you have authentication on, it will prevent you connecting with anything other than a mech that supports encryption and will require an encrypting sasl security layer - or of course an ssl connection)

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project:      http://qpid.apache.org
Use/Interact: mailto:dev-subscribe@qpid.apache.org