[
https://issues.apache.org/jira/browse/DISPATCH-1004?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ernest Allen closed DISPATCH-1004.
----------------------------------
Resolution: Not A Bug
The problem was in the console's javascript code. This was fixed in
DISPATCH-1003
> Enable support for connecting to http enabled listener configured with
> saslMechanisms other than ANONYMOUS
> ----------------------------------------------------------------------------------------------------------
>
> Key: DISPATCH-1004
> URL: https://issues.apache.org/jira/browse/DISPATCH-1004
> Project: Qpid Dispatch
> Issue Type: Bug
> Components: Container
> Affects Versions: 1.1.0
> Reporter: Ernest Allen
> Priority: Major
>
> Authentication fails when connecting to an http enabled listener that has
> authenticatePeer: true with a router configured with sasl authentication.
> The log messages are:
> 2018-05-18 07:36:27.347973 -0400 SERVER (debug) [2] upgraded HTTP connection
> from 127.0.0.1 to AMQPWS
> (/home/eallen/workspace/qpid-dispatch/src/http-libwebsockets.c:402)
> 2018-05-18 07:36:27.348025 -0400 POLICY (trace) ALLOW Connection '127.0.0.1'
> based on global connection count. nConnections= 1
> (/home/eallen/workspace/qpid-dispatch/src/policy.c:204)
> 2018-05-18 07:36:27.348041 -0400 SERVER (info) Accepted connection to
> 0.0.0.0:29315 from 127.0.0.1
> (/home/eallen/workspace/qpid-dispatch/src/server.c:656)
> 2018-05-18 07:36:27.348400 -0400 SERVER (trace) [2]: <- EOS
> (/home/eallen/workspace/qpid-dispatch/src/server.c:103)
> 2018-05-18 07:36:27.348434 -0400 SERVER (info) Connection from 127.0.0.1 (to
> 0.0.0.0:29315) failed: amqp:connection:policy-error Client skipped
> authentication - forbidden
> (/home/eallen/workspace/qpid-dispatch/src/server.c:920)
> 2018-05-18 07:36:27.348447 -0400 SERVER (trace) [2]: -> EOS
> (/home/eallen/workspace/qpid-dispatch/src/server.c:103)
> 2018-05-18 07:36:27.348462 -0400 POLICY (debug) Connection '127.0.0.1' closed
> with resources n_sessions=0, n_senders=0, n_receivers=0. nConnections= 0.
> (/home/eallen/workspace/qpid-dispatch/src/policy.c:249)
> Note: To test this I did the following:
> * run the router's system tests
> * cd
> build/tests/system_test.dir/system_tests_sasl_plain/RouterTestPlainSasl/setUpClass
> * edit the X.conf file to include a listener with http: true on a new port
> and start a router using X.conf
> * attempt to connect to the new port using the latest console with
> [[email protected]|mailto:[email protected]] / password
> * view the X.log file to see the above error output
> Authentication succeeds when connecting to that same router using a listener
> that is not http enabled.
> To verify the sasl setup, using that same router, run the following command:
> qdstat -b 0.0.0.0:29215 -c --sasl-mechanisms=PLAIN
> [email protected] --sasl-password=password
> The output is:
> Connections
> id host container role dir
> security authentication tenant
>
> =======================================================================================================================
> 6247 127.0.0.1:44554 5972a5a1-aa46-4b36-8932-8f090307f66a normal in
> no-security [email protected](PLAIN)
> I verified that the rhea.js library used by the console is passing the
> username/password by running rhea's test "simple_sasl_client.js" under nodejs
> against the above router's non-http enabled port. The connection succeeds.
>
>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
