[
https://issues.apache.org/jira/browse/QPIDJMS-294?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16093591#comment-16093591
]
ASF subversion and git services commented on QPIDJMS-294:
---------------------------------------------------------
Commit 28a1bdc85eee3cb46af7de9b02299fe2765628f5 in qpid-jms's branch
refs/heads/master from [~tabish121]
[ https://git-wip-us.apache.org/repos/asf?p=qpid-jms.git;h=28a1bdc ]
QPIDJMS-294 Refactor AmqpSaslAuthenticator to make testing easier
Extracts the mechanism finding from the authenticator to allow for
plugging in alternative finders for tests.
> The SCRAM-SHA-* SASL mechanisms should verify the server final message if it
> is sent in the additional-data field of sasl-outcome
> ---------------------------------------------------------------------------------------------------------------------------------
>
> Key: QPIDJMS-294
> URL: https://issues.apache.org/jira/browse/QPIDJMS-294
> Project: Qpid JMS
> Issue Type: Bug
> Affects Versions: 0.23.0
> Reporter: Rob Godfrey
> Fix For: 0.24.0
>
>
> Currently the client will only verify the server final message if it is sent
> as an extra challenge in the sasl exchange.
> The client should also verify if the server final message is sent as
> additional-data on the sasl outcome (which is really the way this should
> always be sent).
> In order to do this PROTON-1486 will need fixing
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
