Jiri Danek created PROTON-1589:
----------------------------------
Summary: How can I handle invalid SASL PLAIN credentials error
when reconnect is on?
Key: PROTON-1589
URL: https://issues.apache.org/jira/browse/PROTON-1589
Project: Qpid Proton
Issue Type: Bug
Components: cpp-binding
Affects Versions: proton-c-0.18.0
Reporter: Jiri Danek
Assignee: Cliff Jansen
Apply the following patch to the simple_send.cpp example
{code}
diff --git a/examples/cpp/simple_send.cpp b/examples/cpp/simple_send.cpp
index a4c2272d..053da34f 100644
--- a/examples/cpp/simple_send.cpp
+++ b/examples/cpp/simple_send.cpp
@@ -27,6 +27,7 @@
#include <proton/message.hpp>
#include <proton/message_id.hpp>
#include <proton/messaging_handler.hpp>
+#include <proton/reconnect_options.hpp>
#include <proton/tracker.hpp>
#include <proton/types.hpp>
@@ -53,6 +54,12 @@ class simple_send : public proton::messaging_handler {
proton::connection_options co;
if (!user.empty()) co.user(user);
if (!password.empty()) co.password(password);
+ co.sasl_enabled(true);
+ co.sasl_allow_insecure_mechs(true);
+ std::string sasl_mechanisms("PLAIN");
+ co.sasl_allowed_mechs(sasl_mechanisms);
+ proton::reconnect_options ro;
+ co.reconnect(ro);
sender = c.open_sender(url, co);
}
{noformat}
Now attempt to connect to AMQP broker, for example ActiveMQ Artemis instance,
which was created with {{--require-login}}. The client gets stuck if you use
invalid credentials.
{noformat}
PN_TRACE_FRM=1 examples/cpp/simple_send -a amqp://127.0.0.1:5672 -u nosuch -p
user
[0xed9980]: -> SASL
[0xed9980]: <- SASL
[0xed9980]:0 <- @sasl-mechanisms(64) [sasl-server-mechanisms=@PN_SYMBOL[:PLAIN,
:ANONYMOUS]]
[0xed9980]:0 -> @sasl-init(65) [mechanism=:PLAIN,
initial-response=b"\x00nosuch\x00user"]
[0xed9980]:0 <- @sasl-outcome(68) [code=1]
[0xed9980]: -> EOS
[0xee7290]: -> SASL
[0xee7290]: <- SASL
[0xee7290]:0 <- @sasl-mechanisms(64) [sasl-server-mechanisms=@PN_SYMBOL[:PLAIN,
:ANONYMOUS]]
[0xee7290]:0 -> @sasl-init(65) [mechanism=:PLAIN,
initial-response=b"\x00nosuch\x00user"]
[0xee7290]:0 <- @sasl-outcome(68) [code=1]
[0xee7290]: -> EOS
[0xeee6b0]: -> SASL
[0xeee6b0]: <- SASL
[0xeee6b0]:0 <- @sasl-mechanisms(64) [sasl-server-mechanisms=@PN_SYMBOL[:PLAIN,
:ANONYMOUS]]
[0xeee6b0]:0 -> @sasl-init(65) [mechanism=:PLAIN,
initial-response=b"\x00nosuch\x00user"]
[0xeee6b0]:0 <- @sasl-outcome(68) [code=1]
[0xeee6b0]: -> EOS
{noformat}
As you can see, the client keeps reconnecting. The previous behavior, if I
recall correctly, was to execute error handler in this case. To be exact, it
would run {{on_transport_error}} handler.
I think that it is reasonable for the client to stop reconnecting and run this
handler if the reason for failed connection are wrong credentials. This
condition is unlikely to resolve itself on multiple retries.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
