[jira] [Commented] (QPID-6091) Qpid should configure SASL

Thu, 11 Sep 2014 06:32:02 -0700 

    [ 
https://issues.apache.org/jira/browse/QPID-6091?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14130012#comment-14130012
 ] 

Brian Bouterse commented on QPID-6091:
--------------------------------------

This could be treated as a docs bug, and the claim of configuring the SASL db 
with guest/guest be removed from the docs. That probably makes more sense then 
adding back the sasldb creation behavior because default usernames and 
passwords are insecure, but give the sense of security.

Thanks Pavel for the workaround suggestions.

> Qpid should configure SASL
> --------------------------
>
>                 Key: QPID-6091
>                 URL: https://issues.apache.org/jira/browse/QPID-6091
>             Project: Qpid
>          Issue Type: Bug
>          Components: C++ Broker
>    Affects Versions: 0.26
>         Environment: RHEL6, RHEL7, Fedora 20
>            Reporter: Brian Bouterse
>
> I expect Qpid to create a SASL database with a single user named 'guest' and 
> password 'guest' as part of the install of the C++ broker.
> I expect this because the docs [0] say "The SASL database is installed at 
> /var/lib/qpidd/qpidd.sasldb; initially, it has one user named guest in the 
> QPID realm, and the password for this user is guest.".
> The later version of Qpid docs also have similar statements, so I don't think 
> the claim was removed from a later Qpid verison. I also believe the later 
> versions (0.28+) don't install the SASL db either so it's broken in lots of 
> versions.
> Both the Pulp and Kombu communities want a great out of the box use of Qpid. 
> The user should be able to install the right rpms, start the services, and it 
> just works. It would today, but the SASL db is not being created as the docs 
> indicate.
> [0]:  
> http://qpid.apache.org/releases/qpid-0.26/cpp-broker/book/chap-Messaging_User_Guide-Security.html#sect-Messaging_User_Guide-User_Authentication-Configuring_SASL



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to