[jira] [Updated] (QPID-4475) Web management plugin support for PLAIN SASL mechanism

Tue, 27 Nov 2012 01:02:06 -0800 

     [ 
https://issues.apache.org/jira/browse/QPID-4475?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Keith Wall updated QPID-4475:
-----------------------------

    Description: 
The web management module of the Java Broker should be enhanced to allow for 
the use of the PLAIN SASL mechanism.  This would allow the web-management 
module to be used with the SimpleLDAPAuthenticationManager (which requires 
PLAIN as it must pass a clear-text password through to the LDAP server).

If PLAIN is in-use, then the Broker should restrict the web management to a 
secure protocol in order to avoid the transmision of user password in 
clear-text across the wire.



  was:
The web management module of the Java Broker should be enhanced to allow for 
the use of the PLAIN SASL mechanism.  This would allow the web-management 
module to be used with the SimpleLDAPAuthenticationManager (which requires 
PLAIN as it must pass a clear-text password through to the LDAP server).

If PLAIN is in-use, then the Broker should restrict the web management to a 
secure protocol in order to avoid the transmision of user password in 
clear-text across the wire.






Caused by: javax.security.sasl.SaslException: Unknown mechanism: CRAM-MD5

        at 
org.apache.qpid.server.security.auth.manager.SimpleLDAPAuthenticationManager.createSaslServer(SimpleLDAPAuthenticationManager.java:193)

        at 
org.apache.qpid.server.security.SubjectCreator.createSaslServer(SubjectCreator.java:74)

    
> Web management plugin support for PLAIN SASL mechanism
> ------------------------------------------------------
>
>                 Key: QPID-4475
>                 URL: https://issues.apache.org/jira/browse/QPID-4475
>             Project: Qpid
>          Issue Type: Improvement
>          Components: Java Broker
>    Affects Versions: 0.21
>            Reporter: Keith Wall
>
> The web management module of the Java Broker should be enhanced to allow for 
> the use of the PLAIN SASL mechanism.  This would allow the web-management 
> module to be used with the SimpleLDAPAuthenticationManager (which requires 
> PLAIN as it must pass a clear-text password through to the LDAP server).
> If PLAIN is in-use, then the Broker should restrict the web management to a 
> secure protocol in order to avoid the transmision of user password in 
> clear-text across the wire.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to