[
https://issues.apache.org/jira/browse/QPID-3246?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13030759#comment-13030759
]
Rajith Attapattu edited comment on QPID-3246 at 5/9/11 3:06 PM:
----------------------------------------------------------------
Gordon, I looked at the code and it seems we do attempt to select a mutually
supported list.
Let me test it out and see if it's indeed the case. If the broker is only
supporting ANONYMOUS (or CRAM-MD5) then the client should throw an exception as
it's configured to use PLAIN by default.
In the case you tested, was PLAIN one of the mutually supported mechs ? If so
then maybe the following might be the problem.
<code>
byte[] response = sc.hasInitialResponse() ? sc.evaluateChallenge(new byte[0]) :
null;
conn.connectionStartOk(clientProperties, sc.getMechanismName(),
response,conn.getLocale());
</code>
Perhaps the hasInitialResponse always chooses PLAIN if it's in the list.
Or does it choose the most secure mechanism?
I can test this by having a broker configured with both ANONYMOUS, PLAIN &
CRAM-MD5
was (Author: rajith):
Gordon, I looked at the code and it seems we do attempt to select a
mutually supported list.
Let me test it out and see if it's indeed the case. If the broker is only
supporting ANONYMOUS (or CRAM-MD5) then the client should throw an exception as
it's configured to use PLAIN by default.
In the case you tested, was PLAIN one of the mutually supported mechs ? If so
then maybe the following might be the problem.
<code>
byte[] response = sc.hasInitialResponse() ? sc.evaluateChallenge(new byte[0]) :
null;
conn.connectionStartOk(clientProperties, sc.getMechanismName(),
response,conn.getLocale());
</code>
Perhaps the hasInitialResponse always chooses PLAIN if it's in the list.
Or does it choose the most secure mechanism?
I can test this by having a broker configured with both ANONYMOUS, PLAIN
> JMS client on 0-10 codepath sets chosen mech to PLAIN by default
> ----------------------------------------------------------------
>
> Key: QPID-3246
> URL: https://issues.apache.org/jira/browse/QPID-3246
> Project: Qpid
> Issue Type: Improvement
> Reporter: Gordon Sim
>
> would be better to allow the underlying sasl libraries to determine the
> available mechs from those registered. As it is, changing from PLAIN requires
> expcliti client configuration for java - there is no negotiation by default.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:[email protected]
