[jira] [Created] (QPID-6109) qpid.messaaging builtin PLAIN auth does not agree on auth mechanism if password is None or ''

Thu, 18 Sep 2014 08:47:29 -0700 

Brian Bouterse created QPID-6109:
------------------------------------

             Summary: qpid.messaaging builtin PLAIN auth does not agree on auth 
mechanism if password is None or ''
                 Key: QPID-6109
                 URL: https://issues.apache.org/jira/browse/QPID-6109
             Project: Qpid
          Issue Type: Bug
          Components: Python Client
    Affects Versions: 0.26
         Environment: rpm -qa | grep sasl | sort

cyrus-sasl-2.1.26-14.fc20.x86_64
cyrus-sasl-devel-2.1.26-14.fc20.x86_64
cyrus-sasl-gssapi-2.1.26-14.fc20.x86_64
cyrus-sasl-lib-2.1.26-14.fc20.x86_64
cyrus-sasl-md5-2.1.26-14.fc20.x86_64
cyrus-sasl-plain-2.1.26-14.fc20.x86_64
cyrus-sasl-scram-2.1.26-14.fc20.x86_64
erlang-sasl-R16B-03.7.fc20.x86_64

qpid-cpp-server-0.26-13.fc20.x86_64
            Reporter: Brian Bouterse
            Priority: Minor


If I have the broker configured with --auth yes, it correctly advertises auth 
mechanisms: ['ANONYMOUS', 'PLAIN'].

If I run the following python code to connect using an empty password with 
username 'guest' and only allowing 'PLAIN' I expect to get an "Authentication 
failed(320)", but instead I receive a "sasl negotiation failed: no mechanism 
agreed".

from qpid.messaging import Connection
info = { 'username': 'guest', 'sasl_mechanisms': 'PLAIN', 'host': '127.0.0.1', 
'timeout': 4, 'password': '', 'port': 5672, 'transport': 'tcp'}
Connection.establish(**info)

I also get the sasl negotiation failed with this code:

from qpid.messaging import Connection
info = { 'username': 'guest', 'sasl_mechanisms': 'PLAIN', 'host': '127.0.0.1', 
'timeout': 4, 'password': None, 'port': 5672, 'transport': 'tcp'}
Connection.establish(**info)

I am using the builtin auth and not the saslwrapper auth because I do not have 
the packages 'saslwraper' and 'python-saslwrapper' installed.

I expected that a username='guest' and password=None or password='' should 
still agree on PLAIN and continue to try to authentication. This is also 
similar to the behavior of saslwrapper.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to