You are viewing a plain text version of this content. The canonical link for it is here.
Posted to proton@qpid.apache.org by Andreas Welchlin <an...@welchlin.de> on 2014/02/03 19:06:41 UTC
SASL Authorization fails
Hi All,
I tried to connect to Qpid using SASL authorization. Unfortunately I had
no success. And I am missing a step by step example.
I am running the c++ broker on a linux machine (fedora). And I want to
connect via JMS from a Windows machine.
Let's say I want do create a user:
Username: tom
Password: ttt
Name of SASL realm: QPID
So I change /etc/qpid/qpidd.conf:
auth=yes
realm=QPID
And I create a user in SASL:
saslpasswd2 -f /var/lib/qpidd/qpidd.sasldb -u QPID tom
Password: ttt
Again (for verification): ttt
The connection string in my JMS application is:
connectionfactory.qpidConnectionfactory =
amqp://tom:ttt@clientId/?brokerlist='tcp://192.168.0.102:5672'
When I try to connect I get the message:
Unable to connect to broker at tcp://192.168.0.102:5672
org.apache.qpid.AMQException: Cannot connect to broker:
connection-forced: Authentication failed [error code 320: connection forced]
Please could someone enlighten me. What is wrong with my configuration?
Regards,
Andreas
Re: SASL Authorization fails
Posted by Andreas Welchlin <an...@welchlin.de>.
I sent the mail a bit too fast and can give the anwer myself.
There were two problems:
1st: I had to chown the sasl database to qpid:qpid
2nd: The user must not be tom but tom@QPID.
It works, now!
So the correct step by step howto is:
--------------------------------------------------------------------------------
I want do create a user:
Username: tom
Password: ttt
Name of SASL realm: QPID
So I change /etc/qpid/qpidd.conf:
auth=yes
realm=QPID
And I create a user in SASL:
saslpasswd2 -f /var/lib/qpidd/qpidd.sasldb -u QPID tom@QPID
Password: ttt
Again (for verification): ttt
I change the owner of the SASL database to qpidd:
chown qpidd:qpidd /var/lib/qpidd/qpidd.sasldb
The connection string in my JMS application is:
connectionfactory.qpidConnectionfactory =
amqp://tom:ttt@clientId/?brokerlist='tcp://192.168.0.102:5672'
--------------------------------------------------------------------------------
Regards,
Andreas
Am 03.02.2014 19:06, schrieb Andreas Welchlin:
> Hi All,
>
> I tried to connect to Qpid using SASL authorization. Unfortunately I
> had no success. And I am missing a step by step example.
>
> I am running the c++ broker on a linux machine (fedora). And I want to
> connect via JMS from a Windows machine.
>
> Let's say I want do create a user:
>
> Username: tom
> Password: ttt
> Name of SASL realm: QPID
>
> So I change /etc/qpid/qpidd.conf:
> auth=yes
> realm=QPID
>
> And I create a user in SASL:
>
> saslpasswd2 -f /var/lib/qpidd/qpidd.sasldb -u QPID tom
> Password: ttt
> Again (for verification): ttt
>
> The connection string in my JMS application is:
> connectionfactory.qpidConnectionfactory =
> amqp://tom:ttt@clientId/?brokerlist='tcp://192.168.0.102:5672'
>
>
> When I try to connect I get the message:
> Unable to connect to broker at tcp://192.168.0.102:5672
> org.apache.qpid.AMQException: Cannot connect to broker:
> connection-forced: Authentication failed [error code 320: connection
> forced]
>
>
> Please could someone enlighten me. What is wrong with my configuration?
>
> Regards,
> Andreas
>
>
>