> On Sept. 30, 2015, 10:25 a.m., Justin Ross wrote: > > I know sasl_layer is what qpid jms is using, but I think sasl_enabled is > > better name. It's what I would hunt for if I wanted to turn sasl on or > > off. sasl_layer is not self evidently an on/off attribute; it looks like > > something that could take other values; this is some user uncertainty we > > can avoid. > > Gordon Sim wrote: > I would have chosen sasl_enabled as well. I guess its a question of how > you weight consistency versus prefered name. I think if the documentation is > updated to include clear mention of these options (note to self!) it > mitigates disadvantages either way.
I wouldnt worry too much about consistency, since the JMS client isnt strictly using either of these values, and given how rarely I see using such an option actually being necessary at all I'm not sure it really matters what it is called in the end :) I picked "layer" over "enabled" for some not particularly important reasons, but I can see the latter might be clearer in some cases (such as in a dynamically typed language). - Robbie ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/38863/#review101104 ----------------------------------------------------------- On Sept. 29, 2015, 9:56 p.m., Gordon Sim wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/38863/ > ----------------------------------------------------------- > > (Updated Sept. 29, 2015, 9:56 p.m.) > > > Review request for qpid, Justin Ross and Ted Ross. > > > Bugs: PROTON-1008 > https://issues.apache.org/jira/browse/PROTON-1008 > > > Repository: qpid-proton-git > > > Description > ------- > > There is no direct and easy way to control whether a sasl layer is used or > not that works for all cases. Prior to the 0.10 release, specifying a > username was the trigger to enable sasl. However for EXTERNAL or GSSAPI that > doesn't work as well. This patch proposes adding an explicit toggle to either > enable or disable the use of sasl. It is enabled by default (ANONYMOUS is > then a simple way of avoiding actual authentication if not needed), but can > be disabled at the container- or connection- level. > > For consistency I've also allowec connection level overrding of the > allowed_mechs and allow_insecure_mechs options. > > > Diffs > ----- > > proton-c/bindings/python/proton/reactor.py 8de5d89 > > Diff: https://reviews.apache.org/r/38863/diff/ > > > Testing > ------- > > > Thanks, > > Gordon Sim > >
