[
https://issues.apache.org/jira/browse/PROTON-735?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ken Giusti resolved PROTON-735.
-------------------------------
Resolution: Fixed
Fix Version/s: 0.15.0
Tested 0.15.0 and the SASL error was evident to the client:
2016-12-08 09:33:32,769 ERROR Connection failed:
Condition('amqp:unauthorized-access', 'Authentication failed
[mech=SCRAM-SHA-1]')
> SASL authentication failures appear as I/O failures
> ---------------------------------------------------
>
> Key: PROTON-735
> URL: https://issues.apache.org/jira/browse/PROTON-735
> Project: Qpid Proton
> Issue Type: Bug
> Components: proton-c
> Affects Versions: 0.8
> Reporter: Ken Giusti
> Assignee: Andrew Stitcher
> Labels: close-pending
> Fix For: 0.15.0
>
>
> Using the current SASL api, an application has to poll the pn_sasl_t object's
> state (pn_sasl_state()) until a terminal state is reached (STATE_PASS/FAIL).
> Once the terminal state is reached, the outcome can be queried via
> pn_sasl_outcome.
> Unfortunately, when the sasl client receives an authentication failure
> outcome from the sasl server, the sasl layer returns PN_ERR from its input
> processing code. This causes the pn_transport_push() to return a generic
> error.
> From the application's point of view, this effectively results in the
> transport failing *before* the sasl terminal state has been reached. The
> application will interpret this event as a generic input failure on the
> transport - not the authentication failure it actually was.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
