[
https://issues.apache.org/jira/browse/QPID-1899?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12757141#action_12757141
]
Gordon Sim commented on QPID-1899:
----------------------------------
Unfortunately, when starting to apply this I realised it doesn't work for the
cluster. The initial compile error is easy to 'fix', but to work correctly it
is going to need some more effort. The replicas will all need to know whether
their shadow connections represent encrypted connections or not.
It also struck me on deeper review that my advice on adding a method to
OutputControl was not very good - it results in a much wider change than is
really necessary. I think actually a better fix would be to pass in an
indicator of encrypted or not to qpid::sys::ConnectionCodec::Factory::create().
What do you think? Many apologies for the bad advice :-(
> --require-encryption doesn't work unless cyrus sasl authentication is turned
> on
> -------------------------------------------------------------------------------
>
> Key: QPID-1899
> URL: https://issues.apache.org/jira/browse/QPID-1899
> Project: Qpid
> Issue Type: Bug
> Components: C++ Broker
> Affects Versions: 0.5
> Reporter: Gordon Sim
> Assignee: Gordon Sim
> Fix For: 0.6
>
> Attachments: qpid-1899-9-17.patch, qpid-1899-hacky.patch
>
>
> If you specify --require-encryption and --auth no then the broker will allow
> un-encrypted conections. (If on the other hand you have authentication on, it
> will prevent you connecting with anything other than a mech that supports
> encryption and will require an encrypting sasl security layer - or of course
> an ssl connection)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:[email protected]
