[jira] [Commented] (QPIDJMS-232) Perform Authentication when the remote connection is established instead of waiting until Connection is used

Mon, 12 Dec 2016 08:47:58 -0800 

    [ 
https://issues.apache.org/jira/browse/QPIDJMS-232?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15742422#comment-15742422
 ] 

Rob Godfrey commented on QPIDJMS-232:
-------------------------------------

Yeah - I forget exactly how all the DoD / heartbeating timeouts work in the 
Java Broker... I *think* the above is probably safe (since the time from TCP 
connection open to authenticated is short, so it will avoid the suspected DoS 
timeout, and the heartbeating timeout probably won't come into effect until it 
receives an open frame from the client), however it would be (AMQP) spec 
compliant for the broker to issue an open without waiting for the client, and 
for that open to include a heartbeat timeout... does proton/the JMS client 
respect that?  I'd also need to check up on whether it is even legal to send 
empty heartbeating frames before you send an open (I can't say it was a case we 
ever considered).  

In general I agree that doing the connect/auth up front is the best thing to 
do... but I think that having the behaviour configurable to improve 
interoperability would make sense

> Perform Authentication when the remote connection is established instead of 
> waiting until Connection is used
> ------------------------------------------------------------------------------------------------------------
>
>                 Key: QPIDJMS-232
>                 URL: https://issues.apache.org/jira/browse/QPIDJMS-232
>             Project: Qpid JMS
>          Issue Type: Improvement
>          Components: qpid-jms-client
>    Affects Versions: 0.11.1
>            Reporter: Timothy Bish
>            Assignee: Timothy Bish
>             Fix For: 0.20.0
>
>
> Instead of waiting until the connection is used to perform authentication we 
> should perform the SASL authentication if available when the connection is 
> established.  This allows the createConnection methods in the 
> ConnectionFactory to fail fast instead of waiting until the Connection is 
> used (e.g set client ID, start, createSession etc)



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to