Rob Godfrey created QPID-7900:
---------------------------------
Summary: [Java Broker] SASL External mechanism does not respond
correctly if no initial response is present
Key: QPID-7900
URL: https://issues.apache.org/jira/browse/QPID-7900
Project: Qpid
Issue Type: Bug
Components: Java Broker
Reporter: Rob Godfrey
As pointed out by [~gemmellr] in PROTON-1555:
{quote}
The client is expected to send data first in the authentication exchange.
Where the client does not provide an initial response data in its request to
initiate the authentication exchange, the server is to respond to the request
with an empty initial challenge and then the client is to provide its initial
response.
{quote}
https://tools.ietf.org/html/rfc4422#page-29
That is to say that if the initial response is not present, then rather than
simply accepting the authentication (which is what the broker will currently
do), an empty challenge should be sent.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
