You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@qpid.apache.org by "Pavel Moravec (JIRA)" <ji...@apache.org> on 2011/08/05 14:01:28 UTC
[jira] [Created] (QPID-3396) Specifying username/password in JMS
clients should not be mandatory
Specifying username/password in JMS clients should not be mandatory
-------------------------------------------------------------------
Key: QPID-3396
URL: https://issues.apache.org/jira/browse/QPID-3396
Project: Qpid
Issue Type: Bug
Components: Java Client
Affects Versions: 0.10
Reporter: Pavel Moravec
Priority: Minor
Fix For: 0.12
Attachments: CredentialsMandatory.java
Description of problem:
Section 3.2.2 of the Programming in Apache Qpid guide says that the
username/password in the JNDI connection URL is optional:
amqp://[<user>:<pass>@][<clientid>]<virtualhost>[?<option>='<value>'[&<option>='<value>']]
However skipping the [<user>:<pass>@] part in an URL leads to exception raised.
How reproducible:
100%
Steps to Reproduce:
1. Set auth=no in /etc/qpidd.conf
2. Run connectionURLWithoutUserInfo in attached JUnit test
Actual results:
Exception raised:
User information not found on url between indicies 7 and 1
amqp://clientid/test?brokerlist='tcp://localhost:5672' ^ at
org.apache.qpid.url.URLHelper.parseError(URLHelper.java:143) at
org.apache.qpid.url.URLHelper.parseError(URLHelper.java:138) at
org.apache.qpid.client.url.URLParser.parseURL(URLParser.java:111) at
org.apache.qpid.client.url.URLParser.<init>(URLParser.java:42) at
org.apache.qpid.client.AMQConnectionURL.<init>(AMQConnectionURL.java:63) at
com.gs.mrg.eval.PLAIN_AuthenticationExample.connectionURLWithoutUserInfo(PLAIN_AuthenticationExample.java:109)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597) at
org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:44)
at
org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
at
org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:41)
at
org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
at
org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:274) at
org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:70)
at
org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:48)
at org.junit.runners.ParentRunner$3.run(ParentRunner.java:242) at
org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:58) at
org.junit.runners.ParentRunner.runChildren(ParentRunner.java:240) at
org.junit.runners.ParentRunner.access$000(ParentRunner.java:48) at
org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:233) at
org.junit.runners.ParentRunner.run(ParentRunner.java:303) at
org.eclipse.jdt.internal.junit4.runner.JUnit4TestReference.run(JUnit4TestReference.java:49)
at
org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38)
at
org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:467)
at
org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:683)
at
org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:390)
at
org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:197)
Expected results:
No exception raised, the broker should authenticate the connection request.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:dev-subscribe@qpid.apache.org
[jira] [Updated] (QPID-3396) Specifying username/password in JMS
clients should not be mandatory
Posted by "Pavel Moravec (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/QPID-3396?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Pavel Moravec updated QPID-3396:
--------------------------------
Attachment: 0001-connectionURL-credentials-optional.patch
New version of patch. It again sets username to "anonymous" and password to "" (only when the credentials are missing), but further:
- if sasl_mechs is present and not ANONYMOUS, it raises an exception
- if sasl_mechs is not present, it logs warning that sasl_mechs is being set to ANONYMOUS (as we assume that no credentials means ANONYMOUS mechanism so we have to restrict the client to it)
> Specifying username/password in JMS clients should not be mandatory
> -------------------------------------------------------------------
>
> Key: QPID-3396
> URL: https://issues.apache.org/jira/browse/QPID-3396
> Project: Qpid
> Issue Type: Bug
> Components: Java Client
> Affects Versions: 0.18
> Reporter: Pavel Moravec
> Priority: Minor
> Attachments: 0001-connectionURL-credentials-optional.patch, CredentialsMandatory.java
>
>
> Description of problem:
> Section 3.2.2 of the Programming in Apache Qpid guide says that the
> username/password in the JNDI connection URL is optional:
> amqp://[<user>:<pass>@][<clientid>]<virtualhost>[?<option>='<value>'[&<option>='<value>']]
> However skipping the [<user>:<pass>@] part in an URL leads to exception raised.
> How reproducible:
> 100%
> Steps to Reproduce:
> 1. Set auth=no in /etc/qpidd.conf
> 2. Run connectionURLWithoutUserInfo in attached JUnit test
> Actual results:
> Exception raised:
> User information not found on url between indicies 7 and 1
> amqp://clientid/test?brokerlist='tcp://localhost:5672' ^ at
> org.apache.qpid.url.URLHelper.parseError(URLHelper.java:143) at
> org.apache.qpid.url.URLHelper.parseError(URLHelper.java:138) at
> org.apache.qpid.client.url.URLParser.parseURL(URLParser.java:111) at
> org.apache.qpid.client.url.URLParser.<init>(URLParser.java:42) at
> org.apache.qpid.client.AMQConnectionURL.<init>(AMQConnectionURL.java:63) at
> com.gs.mrg.eval.PLAIN_AuthenticationExample.connectionURLWithoutUserInfo(PLAIN_AuthenticationExample.java:109)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:597) at
> org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:44)
> at
> org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
> at
> org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:41)
> at
> org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
> at
> org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
> at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:274) at
> org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:70)
> at
> org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:48)
> at org.junit.runners.ParentRunner$3.run(ParentRunner.java:242) at
> org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:58) at
> org.junit.runners.ParentRunner.runChildren(ParentRunner.java:240) at
> org.junit.runners.ParentRunner.access$000(ParentRunner.java:48) at
> org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:233) at
> org.junit.runners.ParentRunner.run(ParentRunner.java:303) at
> org.eclipse.jdt.internal.junit4.runner.JUnit4TestReference.run(JUnit4TestReference.java:49)
> at
> org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:467)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:683)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:390)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:197)
> Expected results:
> No exception raised, the broker should authenticate the connection request.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org
[jira] [Commented] (QPID-3396) Specifying username/password in JMS
clients should not be mandatory
Posted by "Rajith Attapattu (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/QPID-3396?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13433235#comment-13433235 ]
Rajith Attapattu commented on QPID-3396:
----------------------------------------
"if sasl_mechs is not present, it logs warning that sasl_mechs is being set to ANONYMOUS (as we assume that no credentials means ANONYMOUS mechanism so we have to restrict the client to it)"
This is not correct. Simply bcos user/pass is missing, we can't force the client to use "ANONYMOUS".
For example for GSSAPI and EXTERNAL you don't need a user/pass. Infact the customer who logged the original issue was using EXTERNAL and was wondering why he needs to specify user/pass.
Again I think the correct behaviour is to look at the selected mech (after negotiation with the peer) and then see if user/pass is required. If so then throw an exception.
> Specifying username/password in JMS clients should not be mandatory
> -------------------------------------------------------------------
>
> Key: QPID-3396
> URL: https://issues.apache.org/jira/browse/QPID-3396
> Project: Qpid
> Issue Type: Bug
> Components: Java Client
> Affects Versions: 0.18
> Reporter: Pavel Moravec
> Priority: Minor
> Attachments: 0001-connectionURL-credentials-optional.patch, CredentialsMandatory.java
>
>
> Description of problem:
> Section 3.2.2 of the Programming in Apache Qpid guide says that the
> username/password in the JNDI connection URL is optional:
> amqp://[<user>:<pass>@][<clientid>]<virtualhost>[?<option>='<value>'[&<option>='<value>']]
> However skipping the [<user>:<pass>@] part in an URL leads to exception raised.
> How reproducible:
> 100%
> Steps to Reproduce:
> 1. Set auth=no in /etc/qpidd.conf
> 2. Run connectionURLWithoutUserInfo in attached JUnit test
> Actual results:
> Exception raised:
> User information not found on url between indicies 7 and 1
> amqp://clientid/test?brokerlist='tcp://localhost:5672' ^ at
> org.apache.qpid.url.URLHelper.parseError(URLHelper.java:143) at
> org.apache.qpid.url.URLHelper.parseError(URLHelper.java:138) at
> org.apache.qpid.client.url.URLParser.parseURL(URLParser.java:111) at
> org.apache.qpid.client.url.URLParser.<init>(URLParser.java:42) at
> org.apache.qpid.client.AMQConnectionURL.<init>(AMQConnectionURL.java:63) at
> com.gs.mrg.eval.PLAIN_AuthenticationExample.connectionURLWithoutUserInfo(PLAIN_AuthenticationExample.java:109)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:597) at
> org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:44)
> at
> org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
> at
> org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:41)
> at
> org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
> at
> org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
> at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:274) at
> org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:70)
> at
> org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:48)
> at org.junit.runners.ParentRunner$3.run(ParentRunner.java:242) at
> org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:58) at
> org.junit.runners.ParentRunner.runChildren(ParentRunner.java:240) at
> org.junit.runners.ParentRunner.access$000(ParentRunner.java:48) at
> org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:233) at
> org.junit.runners.ParentRunner.run(ParentRunner.java:303) at
> org.eclipse.jdt.internal.junit4.runner.JUnit4TestReference.run(JUnit4TestReference.java:49)
> at
> org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:467)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:683)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:390)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:197)
> Expected results:
> No exception raised, the broker should authenticate the connection request.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org
[jira] [Updated] (QPID-3396) Specifying username/password in JMS
clients should not be mandatory
Posted by "Pavel Moravec (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/QPID-3396?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Pavel Moravec updated QPID-3396:
--------------------------------
Attachment: (was: 0001-connectionURL-credentials-optional.patch)
> Specifying username/password in JMS clients should not be mandatory
> -------------------------------------------------------------------
>
> Key: QPID-3396
> URL: https://issues.apache.org/jira/browse/QPID-3396
> Project: Qpid
> Issue Type: Bug
> Components: Java Client
> Affects Versions: 0.18
> Reporter: Pavel Moravec
> Priority: Minor
> Attachments: CredentialsMandatory.java
>
>
> Description of problem:
> Section 3.2.2 of the Programming in Apache Qpid guide says that the
> username/password in the JNDI connection URL is optional:
> amqp://[<user>:<pass>@][<clientid>]<virtualhost>[?<option>='<value>'[&<option>='<value>']]
> However skipping the [<user>:<pass>@] part in an URL leads to exception raised.
> How reproducible:
> 100%
> Steps to Reproduce:
> 1. Set auth=no in /etc/qpidd.conf
> 2. Run connectionURLWithoutUserInfo in attached JUnit test
> Actual results:
> Exception raised:
> User information not found on url between indicies 7 and 1
> amqp://clientid/test?brokerlist='tcp://localhost:5672' ^ at
> org.apache.qpid.url.URLHelper.parseError(URLHelper.java:143) at
> org.apache.qpid.url.URLHelper.parseError(URLHelper.java:138) at
> org.apache.qpid.client.url.URLParser.parseURL(URLParser.java:111) at
> org.apache.qpid.client.url.URLParser.<init>(URLParser.java:42) at
> org.apache.qpid.client.AMQConnectionURL.<init>(AMQConnectionURL.java:63) at
> com.gs.mrg.eval.PLAIN_AuthenticationExample.connectionURLWithoutUserInfo(PLAIN_AuthenticationExample.java:109)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:597) at
> org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:44)
> at
> org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
> at
> org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:41)
> at
> org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
> at
> org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
> at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:274) at
> org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:70)
> at
> org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:48)
> at org.junit.runners.ParentRunner$3.run(ParentRunner.java:242) at
> org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:58) at
> org.junit.runners.ParentRunner.runChildren(ParentRunner.java:240) at
> org.junit.runners.ParentRunner.access$000(ParentRunner.java:48) at
> org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:233) at
> org.junit.runners.ParentRunner.run(ParentRunner.java:303) at
> org.eclipse.jdt.internal.junit4.runner.JUnit4TestReference.run(JUnit4TestReference.java:49)
> at
> org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:467)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:683)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:390)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:197)
> Expected results:
> No exception raised, the broker should authenticate the connection request.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org
[jira] [Updated] (QPID-3396) Specifying username/password in JMS
clients should not be mandatory
Posted by "Pavel Moravec (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/QPID-3396?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Pavel Moravec updated QPID-3396:
--------------------------------
Fix Version/s: (was: Future)
Affects Version/s: (was: 0.10)
0.18
> Specifying username/password in JMS clients should not be mandatory
> -------------------------------------------------------------------
>
> Key: QPID-3396
> URL: https://issues.apache.org/jira/browse/QPID-3396
> Project: Qpid
> Issue Type: Bug
> Components: Java Client
> Affects Versions: 0.18
> Reporter: Pavel Moravec
> Priority: Minor
> Attachments: CredentialsMandatory.java
>
>
> Description of problem:
> Section 3.2.2 of the Programming in Apache Qpid guide says that the
> username/password in the JNDI connection URL is optional:
> amqp://[<user>:<pass>@][<clientid>]<virtualhost>[?<option>='<value>'[&<option>='<value>']]
> However skipping the [<user>:<pass>@] part in an URL leads to exception raised.
> How reproducible:
> 100%
> Steps to Reproduce:
> 1. Set auth=no in /etc/qpidd.conf
> 2. Run connectionURLWithoutUserInfo in attached JUnit test
> Actual results:
> Exception raised:
> User information not found on url between indicies 7 and 1
> amqp://clientid/test?brokerlist='tcp://localhost:5672' ^ at
> org.apache.qpid.url.URLHelper.parseError(URLHelper.java:143) at
> org.apache.qpid.url.URLHelper.parseError(URLHelper.java:138) at
> org.apache.qpid.client.url.URLParser.parseURL(URLParser.java:111) at
> org.apache.qpid.client.url.URLParser.<init>(URLParser.java:42) at
> org.apache.qpid.client.AMQConnectionURL.<init>(AMQConnectionURL.java:63) at
> com.gs.mrg.eval.PLAIN_AuthenticationExample.connectionURLWithoutUserInfo(PLAIN_AuthenticationExample.java:109)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:597) at
> org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:44)
> at
> org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
> at
> org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:41)
> at
> org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
> at
> org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
> at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:274) at
> org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:70)
> at
> org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:48)
> at org.junit.runners.ParentRunner$3.run(ParentRunner.java:242) at
> org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:58) at
> org.junit.runners.ParentRunner.runChildren(ParentRunner.java:240) at
> org.junit.runners.ParentRunner.access$000(ParentRunner.java:48) at
> org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:233) at
> org.junit.runners.ParentRunner.run(ParentRunner.java:303) at
> org.eclipse.jdt.internal.junit4.runner.JUnit4TestReference.run(JUnit4TestReference.java:49)
> at
> org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:467)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:683)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:390)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:197)
> Expected results:
> No exception raised, the broker should authenticate the connection request.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org
[jira] [Commented] (QPID-3396) Specifying username/password in JMS
clients should not be mandatory
Posted by "Pavel Moravec (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/QPID-3396?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13436665#comment-13436665 ]
Pavel Moravec commented on QPID-3396:
-------------------------------------
> Again I think the correct behaviour is to look at the selected mech (after negotiation with the peer) and then see if user/pass is required. If so then throw an exception.
With the current C++ broker and auth=no, the broker sends in connection.start AMQP command auth.mechanisms "ANONYMOUS" and also "PLAIN" - the second is due to allowing some tests (per gsim). If a client chooses PLAIN mechanism here and sends whatever credentials, the broker silently ignores them.
But that would cause a problem in our case as:
- client library got no crednetials from the client
- broker offers PLAIN and ANONYMOUS mechs, not telling anything about no auth required
- library chooses PLAIN as more secure and fails due to no credentials
Therefore I suggest the patch that checks during URL parsing if credentials are missing _and_ sasl_mechs is not specified - only in that case, it restricts the mechanisms to ANONYMOUS GSSAPI EXTERNAL as these dont require credetials in this way.
I tested the patch works fine in all combinations "auth=yes/no" x "credentials provided / not provided" x "/etc/sasl2/qpidd.conf restricted mech_list to ..". I have _not_ verify GSSAPI mechanism only.
> Specifying username/password in JMS clients should not be mandatory
> -------------------------------------------------------------------
>
> Key: QPID-3396
> URL: https://issues.apache.org/jira/browse/QPID-3396
> Project: Qpid
> Issue Type: Bug
> Components: Java Client
> Affects Versions: 0.18
> Reporter: Pavel Moravec
> Priority: Minor
> Attachments: CredentialsMandatory.java
>
>
> Description of problem:
> Section 3.2.2 of the Programming in Apache Qpid guide says that the
> username/password in the JNDI connection URL is optional:
> amqp://[<user>:<pass>@][<clientid>]<virtualhost>[?<option>='<value>'[&<option>='<value>']]
> However skipping the [<user>:<pass>@] part in an URL leads to exception raised.
> How reproducible:
> 100%
> Steps to Reproduce:
> 1. Set auth=no in /etc/qpidd.conf
> 2. Run connectionURLWithoutUserInfo in attached JUnit test
> Actual results:
> Exception raised:
> User information not found on url between indicies 7 and 1
> amqp://clientid/test?brokerlist='tcp://localhost:5672' ^ at
> org.apache.qpid.url.URLHelper.parseError(URLHelper.java:143) at
> org.apache.qpid.url.URLHelper.parseError(URLHelper.java:138) at
> org.apache.qpid.client.url.URLParser.parseURL(URLParser.java:111) at
> org.apache.qpid.client.url.URLParser.<init>(URLParser.java:42) at
> org.apache.qpid.client.AMQConnectionURL.<init>(AMQConnectionURL.java:63) at
> com.gs.mrg.eval.PLAIN_AuthenticationExample.connectionURLWithoutUserInfo(PLAIN_AuthenticationExample.java:109)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:597) at
> org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:44)
> at
> org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
> at
> org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:41)
> at
> org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
> at
> org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
> at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:274) at
> org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:70)
> at
> org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:48)
> at org.junit.runners.ParentRunner$3.run(ParentRunner.java:242) at
> org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:58) at
> org.junit.runners.ParentRunner.runChildren(ParentRunner.java:240) at
> org.junit.runners.ParentRunner.access$000(ParentRunner.java:48) at
> org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:233) at
> org.junit.runners.ParentRunner.run(ParentRunner.java:303) at
> org.eclipse.jdt.internal.junit4.runner.JUnit4TestReference.run(JUnit4TestReference.java:49)
> at
> org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:467)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:683)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:390)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:197)
> Expected results:
> No exception raised, the broker should authenticate the connection request.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org
[jira] [Updated] (QPID-3396) Specifying username/password in JMS
clients should not be mandatory
Posted by "Pavel Moravec (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/QPID-3396?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Pavel Moravec updated QPID-3396:
--------------------------------
Attachment: CredentialsMandatory.java
> Specifying username/password in JMS clients should not be mandatory
> -------------------------------------------------------------------
>
> Key: QPID-3396
> URL: https://issues.apache.org/jira/browse/QPID-3396
> Project: Qpid
> Issue Type: Bug
> Components: Java Client
> Affects Versions: 0.10
> Reporter: Pavel Moravec
> Priority: Minor
> Fix For: 0.12
>
> Attachments: CredentialsMandatory.java
>
>
> Description of problem:
> Section 3.2.2 of the Programming in Apache Qpid guide says that the
> username/password in the JNDI connection URL is optional:
> amqp://[<user>:<pass>@][<clientid>]<virtualhost>[?<option>='<value>'[&<option>='<value>']]
> However skipping the [<user>:<pass>@] part in an URL leads to exception raised.
> How reproducible:
> 100%
> Steps to Reproduce:
> 1. Set auth=no in /etc/qpidd.conf
> 2. Run connectionURLWithoutUserInfo in attached JUnit test
> Actual results:
> Exception raised:
> User information not found on url between indicies 7 and 1
> amqp://clientid/test?brokerlist='tcp://localhost:5672' ^ at
> org.apache.qpid.url.URLHelper.parseError(URLHelper.java:143) at
> org.apache.qpid.url.URLHelper.parseError(URLHelper.java:138) at
> org.apache.qpid.client.url.URLParser.parseURL(URLParser.java:111) at
> org.apache.qpid.client.url.URLParser.<init>(URLParser.java:42) at
> org.apache.qpid.client.AMQConnectionURL.<init>(AMQConnectionURL.java:63) at
> com.gs.mrg.eval.PLAIN_AuthenticationExample.connectionURLWithoutUserInfo(PLAIN_AuthenticationExample.java:109)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:597) at
> org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:44)
> at
> org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
> at
> org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:41)
> at
> org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
> at
> org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
> at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:274) at
> org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:70)
> at
> org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:48)
> at org.junit.runners.ParentRunner$3.run(ParentRunner.java:242) at
> org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:58) at
> org.junit.runners.ParentRunner.runChildren(ParentRunner.java:240) at
> org.junit.runners.ParentRunner.access$000(ParentRunner.java:48) at
> org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:233) at
> org.junit.runners.ParentRunner.run(ParentRunner.java:303) at
> org.eclipse.jdt.internal.junit4.runner.JUnit4TestReference.run(JUnit4TestReference.java:49)
> at
> org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:467)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:683)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:390)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:197)
> Expected results:
> No exception raised, the broker should authenticate the connection request.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:dev-subscribe@qpid.apache.org
[jira] [Updated] (QPID-3396) Specifying username/password in JMS
clients should not be mandatory
Posted by "Pavel Moravec (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/QPID-3396?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Pavel Moravec updated QPID-3396:
--------------------------------
Attachment: 0001-connectionURL-credentials-optional.patch
Simple patch proposal.
When parsing connectionURL detects no credentials, don't raise exception but set username and password to some dummy-like values.
As C++ broker deals with anonymous users as "anonymous@QPID" (where QPID is realm), username was set to "anonymous".
> Specifying username/password in JMS clients should not be mandatory
> -------------------------------------------------------------------
>
> Key: QPID-3396
> URL: https://issues.apache.org/jira/browse/QPID-3396
> Project: Qpid
> Issue Type: Bug
> Components: Java Client
> Affects Versions: 0.18
> Reporter: Pavel Moravec
> Priority: Minor
> Attachments: 0001-connectionURL-credentials-optional.patch, CredentialsMandatory.java
>
>
> Description of problem:
> Section 3.2.2 of the Programming in Apache Qpid guide says that the
> username/password in the JNDI connection URL is optional:
> amqp://[<user>:<pass>@][<clientid>]<virtualhost>[?<option>='<value>'[&<option>='<value>']]
> However skipping the [<user>:<pass>@] part in an URL leads to exception raised.
> How reproducible:
> 100%
> Steps to Reproduce:
> 1. Set auth=no in /etc/qpidd.conf
> 2. Run connectionURLWithoutUserInfo in attached JUnit test
> Actual results:
> Exception raised:
> User information not found on url between indicies 7 and 1
> amqp://clientid/test?brokerlist='tcp://localhost:5672' ^ at
> org.apache.qpid.url.URLHelper.parseError(URLHelper.java:143) at
> org.apache.qpid.url.URLHelper.parseError(URLHelper.java:138) at
> org.apache.qpid.client.url.URLParser.parseURL(URLParser.java:111) at
> org.apache.qpid.client.url.URLParser.<init>(URLParser.java:42) at
> org.apache.qpid.client.AMQConnectionURL.<init>(AMQConnectionURL.java:63) at
> com.gs.mrg.eval.PLAIN_AuthenticationExample.connectionURLWithoutUserInfo(PLAIN_AuthenticationExample.java:109)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:597) at
> org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:44)
> at
> org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
> at
> org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:41)
> at
> org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
> at
> org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
> at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:274) at
> org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:70)
> at
> org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:48)
> at org.junit.runners.ParentRunner$3.run(ParentRunner.java:242) at
> org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:58) at
> org.junit.runners.ParentRunner.runChildren(ParentRunner.java:240) at
> org.junit.runners.ParentRunner.access$000(ParentRunner.java:48) at
> org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:233) at
> org.junit.runners.ParentRunner.run(ParentRunner.java:303) at
> org.eclipse.jdt.internal.junit4.runner.JUnit4TestReference.run(JUnit4TestReference.java:49)
> at
> org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:467)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:683)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:390)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:197)
> Expected results:
> No exception raised, the broker should authenticate the connection request.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org
[jira] [Updated] (QPID-3396) Specifying username/password in JMS
clients should not be mandatory
Posted by "Pavel Moravec (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/QPID-3396?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Pavel Moravec updated QPID-3396:
--------------------------------
Attachment: 0001-connectionURL-credentials-optional.patch
Patch proposal, see comment Starting with "> Again I think .." for details.
> Specifying username/password in JMS clients should not be mandatory
> -------------------------------------------------------------------
>
> Key: QPID-3396
> URL: https://issues.apache.org/jira/browse/QPID-3396
> Project: Qpid
> Issue Type: Bug
> Components: Java Client
> Affects Versions: 0.18
> Reporter: Pavel Moravec
> Priority: Minor
> Attachments: 0001-connectionURL-credentials-optional.patch, CredentialsMandatory.java
>
>
> Description of problem:
> Section 3.2.2 of the Programming in Apache Qpid guide says that the
> username/password in the JNDI connection URL is optional:
> amqp://[<user>:<pass>@][<clientid>]<virtualhost>[?<option>='<value>'[&<option>='<value>']]
> However skipping the [<user>:<pass>@] part in an URL leads to exception raised.
> How reproducible:
> 100%
> Steps to Reproduce:
> 1. Set auth=no in /etc/qpidd.conf
> 2. Run connectionURLWithoutUserInfo in attached JUnit test
> Actual results:
> Exception raised:
> User information not found on url between indicies 7 and 1
> amqp://clientid/test?brokerlist='tcp://localhost:5672' ^ at
> org.apache.qpid.url.URLHelper.parseError(URLHelper.java:143) at
> org.apache.qpid.url.URLHelper.parseError(URLHelper.java:138) at
> org.apache.qpid.client.url.URLParser.parseURL(URLParser.java:111) at
> org.apache.qpid.client.url.URLParser.<init>(URLParser.java:42) at
> org.apache.qpid.client.AMQConnectionURL.<init>(AMQConnectionURL.java:63) at
> com.gs.mrg.eval.PLAIN_AuthenticationExample.connectionURLWithoutUserInfo(PLAIN_AuthenticationExample.java:109)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:597) at
> org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:44)
> at
> org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
> at
> org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:41)
> at
> org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
> at
> org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
> at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:274) at
> org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:70)
> at
> org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:48)
> at org.junit.runners.ParentRunner$3.run(ParentRunner.java:242) at
> org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:58) at
> org.junit.runners.ParentRunner.runChildren(ParentRunner.java:240) at
> org.junit.runners.ParentRunner.access$000(ParentRunner.java:48) at
> org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:233) at
> org.junit.runners.ParentRunner.run(ParentRunner.java:303) at
> org.eclipse.jdt.internal.junit4.runner.JUnit4TestReference.run(JUnit4TestReference.java:49)
> at
> org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:467)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:683)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:390)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:197)
> Expected results:
> No exception raised, the broker should authenticate the connection request.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org
[jira] [Updated] (QPID-3396) Specifying username/password in JMS
clients should not be mandatory
Posted by "Robbie Gemmell (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/QPID-3396?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Robbie Gemmell updated QPID-3396:
---------------------------------
Fix Version/s: (was: 0.12)
Future
> Specifying username/password in JMS clients should not be mandatory
> -------------------------------------------------------------------
>
> Key: QPID-3396
> URL: https://issues.apache.org/jira/browse/QPID-3396
> Project: Qpid
> Issue Type: Bug
> Components: Java Client
> Affects Versions: 0.10
> Reporter: Pavel Moravec
> Priority: Minor
> Fix For: Future
>
> Attachments: CredentialsMandatory.java
>
>
> Description of problem:
> Section 3.2.2 of the Programming in Apache Qpid guide says that the
> username/password in the JNDI connection URL is optional:
> amqp://[<user>:<pass>@][<clientid>]<virtualhost>[?<option>='<value>'[&<option>='<value>']]
> However skipping the [<user>:<pass>@] part in an URL leads to exception raised.
> How reproducible:
> 100%
> Steps to Reproduce:
> 1. Set auth=no in /etc/qpidd.conf
> 2. Run connectionURLWithoutUserInfo in attached JUnit test
> Actual results:
> Exception raised:
> User information not found on url between indicies 7 and 1
> amqp://clientid/test?brokerlist='tcp://localhost:5672' ^ at
> org.apache.qpid.url.URLHelper.parseError(URLHelper.java:143) at
> org.apache.qpid.url.URLHelper.parseError(URLHelper.java:138) at
> org.apache.qpid.client.url.URLParser.parseURL(URLParser.java:111) at
> org.apache.qpid.client.url.URLParser.<init>(URLParser.java:42) at
> org.apache.qpid.client.AMQConnectionURL.<init>(AMQConnectionURL.java:63) at
> com.gs.mrg.eval.PLAIN_AuthenticationExample.connectionURLWithoutUserInfo(PLAIN_AuthenticationExample.java:109)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:597) at
> org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:44)
> at
> org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
> at
> org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:41)
> at
> org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
> at
> org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
> at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:274) at
> org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:70)
> at
> org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:48)
> at org.junit.runners.ParentRunner$3.run(ParentRunner.java:242) at
> org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:58) at
> org.junit.runners.ParentRunner.runChildren(ParentRunner.java:240) at
> org.junit.runners.ParentRunner.access$000(ParentRunner.java:48) at
> org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:233) at
> org.junit.runners.ParentRunner.run(ParentRunner.java:303) at
> org.eclipse.jdt.internal.junit4.runner.JUnit4TestReference.run(JUnit4TestReference.java:49)
> at
> org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:467)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:683)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:390)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:197)
> Expected results:
> No exception raised, the broker should authenticate the connection request.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:dev-subscribe@qpid.apache.org
[jira] [Updated] (QPID-3396) Specifying username/password in JMS
clients should not be mandatory
Posted by "Pavel Moravec (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/QPID-3396?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Pavel Moravec updated QPID-3396:
--------------------------------
Attachment: (was: 0001-connectionURL-credentials-optional.patch)
> Specifying username/password in JMS clients should not be mandatory
> -------------------------------------------------------------------
>
> Key: QPID-3396
> URL: https://issues.apache.org/jira/browse/QPID-3396
> Project: Qpid
> Issue Type: Bug
> Components: Java Client
> Affects Versions: 0.18
> Reporter: Pavel Moravec
> Priority: Minor
> Attachments: CredentialsMandatory.java
>
>
> Description of problem:
> Section 3.2.2 of the Programming in Apache Qpid guide says that the
> username/password in the JNDI connection URL is optional:
> amqp://[<user>:<pass>@][<clientid>]<virtualhost>[?<option>='<value>'[&<option>='<value>']]
> However skipping the [<user>:<pass>@] part in an URL leads to exception raised.
> How reproducible:
> 100%
> Steps to Reproduce:
> 1. Set auth=no in /etc/qpidd.conf
> 2. Run connectionURLWithoutUserInfo in attached JUnit test
> Actual results:
> Exception raised:
> User information not found on url between indicies 7 and 1
> amqp://clientid/test?brokerlist='tcp://localhost:5672' ^ at
> org.apache.qpid.url.URLHelper.parseError(URLHelper.java:143) at
> org.apache.qpid.url.URLHelper.parseError(URLHelper.java:138) at
> org.apache.qpid.client.url.URLParser.parseURL(URLParser.java:111) at
> org.apache.qpid.client.url.URLParser.<init>(URLParser.java:42) at
> org.apache.qpid.client.AMQConnectionURL.<init>(AMQConnectionURL.java:63) at
> com.gs.mrg.eval.PLAIN_AuthenticationExample.connectionURLWithoutUserInfo(PLAIN_AuthenticationExample.java:109)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:597) at
> org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:44)
> at
> org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
> at
> org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:41)
> at
> org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
> at
> org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
> at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:274) at
> org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:70)
> at
> org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:48)
> at org.junit.runners.ParentRunner$3.run(ParentRunner.java:242) at
> org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:58) at
> org.junit.runners.ParentRunner.runChildren(ParentRunner.java:240) at
> org.junit.runners.ParentRunner.access$000(ParentRunner.java:48) at
> org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:233) at
> org.junit.runners.ParentRunner.run(ParentRunner.java:303) at
> org.eclipse.jdt.internal.junit4.runner.JUnit4TestReference.run(JUnit4TestReference.java:49)
> at
> org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:467)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:683)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:390)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:197)
> Expected results:
> No exception raised, the broker should authenticate the connection request.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org
[jira] [Commented] (QPID-3396) Specifying username/password in JMS
clients should not be mandatory
Posted by "Rajith Attapattu (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/QPID-3396?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13433160#comment-13433160 ]
Rajith Attapattu commented on QPID-3396:
----------------------------------------
What if the SASL mech is PLAIN?
In that case if the user name and password is empty we should probably throw an exception rather than silently setting it to "anonymous".
Alternatively, we could set it to "anonymous", but check them at the SASL layer and throw an appropriate exception that would point to the fact that the URL is missing the credentials.
We should make sure we provide the end-user a proper notification as to what the real issue is.
> Specifying username/password in JMS clients should not be mandatory
> -------------------------------------------------------------------
>
> Key: QPID-3396
> URL: https://issues.apache.org/jira/browse/QPID-3396
> Project: Qpid
> Issue Type: Bug
> Components: Java Client
> Affects Versions: 0.18
> Reporter: Pavel Moravec
> Priority: Minor
> Attachments: 0001-connectionURL-credentials-optional.patch, CredentialsMandatory.java
>
>
> Description of problem:
> Section 3.2.2 of the Programming in Apache Qpid guide says that the
> username/password in the JNDI connection URL is optional:
> amqp://[<user>:<pass>@][<clientid>]<virtualhost>[?<option>='<value>'[&<option>='<value>']]
> However skipping the [<user>:<pass>@] part in an URL leads to exception raised.
> How reproducible:
> 100%
> Steps to Reproduce:
> 1. Set auth=no in /etc/qpidd.conf
> 2. Run connectionURLWithoutUserInfo in attached JUnit test
> Actual results:
> Exception raised:
> User information not found on url between indicies 7 and 1
> amqp://clientid/test?brokerlist='tcp://localhost:5672' ^ at
> org.apache.qpid.url.URLHelper.parseError(URLHelper.java:143) at
> org.apache.qpid.url.URLHelper.parseError(URLHelper.java:138) at
> org.apache.qpid.client.url.URLParser.parseURL(URLParser.java:111) at
> org.apache.qpid.client.url.URLParser.<init>(URLParser.java:42) at
> org.apache.qpid.client.AMQConnectionURL.<init>(AMQConnectionURL.java:63) at
> com.gs.mrg.eval.PLAIN_AuthenticationExample.connectionURLWithoutUserInfo(PLAIN_AuthenticationExample.java:109)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:597) at
> org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:44)
> at
> org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
> at
> org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:41)
> at
> org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
> at
> org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
> at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:274) at
> org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:70)
> at
> org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:48)
> at org.junit.runners.ParentRunner$3.run(ParentRunner.java:242) at
> org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:58) at
> org.junit.runners.ParentRunner.runChildren(ParentRunner.java:240) at
> org.junit.runners.ParentRunner.access$000(ParentRunner.java:48) at
> org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:233) at
> org.junit.runners.ParentRunner.run(ParentRunner.java:303) at
> org.eclipse.jdt.internal.junit4.runner.JUnit4TestReference.run(JUnit4TestReference.java:49)
> at
> org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:467)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:683)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:390)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:197)
> Expected results:
> No exception raised, the broker should authenticate the connection request.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org