[jira] [Resolved] (PROTON-1589) [cpp] How can I handle invalid SASL PLAIN credentials error when reconnect is on?

[Andrew Stitcher (JIRA)]

     [ 
https://issues.apache.org/jira/browse/PROTON-1589?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Andrew Stitcher resolved PROTON-1589.
-------------------------------------
       Resolution: Fixed
    Fix Version/s: proton-c-0.22.0

> [cpp] How can I handle invalid SASL PLAIN credentials error when reconnect is 
> on?
> ---------------------------------------------------------------------------------
>
>                 Key: PROTON-1589
>                 URL: https://issues.apache.org/jira/browse/PROTON-1589
>             Project: Qpid Proton
>          Issue Type: Bug
>          Components: cpp-binding
>    Affects Versions: proton-c-0.18.0
>            Reporter: Jiri Daněk
>            Assignee: Andrew Stitcher
>            Priority: Major
>              Labels: sasl
>             Fix For: proton-c-0.22.0
>
>
> Apply the following patch to the simple_send.cpp example
> {code}
> diff --git a/examples/cpp/simple_send.cpp b/examples/cpp/simple_send.cpp
> index a4c2272d..053da34f 100644
> --- a/examples/cpp/simple_send.cpp
> +++ b/examples/cpp/simple_send.cpp
> @@ -27,6 +27,7 @@
>  #include <proton/message.hpp>
>  #include <proton/message_id.hpp>
>  #include <proton/messaging_handler.hpp>
> +#include <proton/reconnect_options.hpp>
>  #include <proton/tracker.hpp>
>  #include <proton/types.hpp>
>  
> @@ -53,6 +54,12 @@ class simple_send : public proton::messaging_handler {
>          proton::connection_options co;
>          if (!user.empty()) co.user(user);
>          if (!password.empty()) co.password(password);
> +        co.sasl_enabled(true);
> +        co.sasl_allow_insecure_mechs(true);
> +        std::string sasl_mechanisms("PLAIN");
> +        co.sasl_allowed_mechs(sasl_mechanisms);
> +        proton::reconnect_options ro;
> +        co.reconnect(ro);
>          sender = c.open_sender(url, co);
>      }
> {code}
> Now attempt to connect to AMQP broker, for example ActiveMQ Artemis instance, 
> which was created with {{--require-login}}. The client gets stuck if you use 
> invalid credentials.
> {noformat}
> PN_TRACE_FRM=1 examples/cpp/simple_send -a amqp://127.0.0.1:5672 -u nosuch -p 
> user
> [0xed9980]:  -> SASL
> [0xed9980]:  <- SASL
> [0xed9980]:0 <- @sasl-mechanisms(64) 
> [sasl-server-mechanisms=@PN_SYMBOL[:PLAIN, :ANONYMOUS]]
> [0xed9980]:0 -> @sasl-init(65) [mechanism=:PLAIN, 
> initial-response=b"\x00nosuch\x00user"]
> [0xed9980]:0 <- @sasl-outcome(68) [code=1]
> [0xed9980]:  -> EOS
> [0xee7290]:  -> SASL
> [0xee7290]:  <- SASL
> [0xee7290]:0 <- @sasl-mechanisms(64) 
> [sasl-server-mechanisms=@PN_SYMBOL[:PLAIN, :ANONYMOUS]]
> [0xee7290]:0 -> @sasl-init(65) [mechanism=:PLAIN, 
> initial-response=b"\x00nosuch\x00user"]
> [0xee7290]:0 <- @sasl-outcome(68) [code=1]
> [0xee7290]:  -> EOS
> [0xeee6b0]:  -> SASL
> [0xeee6b0]:  <- SASL
> [0xeee6b0]:0 <- @sasl-mechanisms(64) 
> [sasl-server-mechanisms=@PN_SYMBOL[:PLAIN, :ANONYMOUS]]
> [0xeee6b0]:0 -> @sasl-init(65) [mechanism=:PLAIN, 
> initial-response=b"\x00nosuch\x00user"]
> [0xeee6b0]:0 <- @sasl-outcome(68) [code=1]
> [0xeee6b0]:  -> EOS
> {noformat}
> As you can see, the client keeps reconnecting. The previous behavior, if I 
> recall correctly, was to execute error handler in this case. To be exact, it 
> would run {{on_transport_error}} handler.
> I think that it is reasonable for the client to stop reconnecting and run 
> this handler if the reason for failed connection are wrong credentials. This 
> condition is unlikely to resolve itself on multiple retries.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org