[
https://issues.apache.org/jira/browse/AMQ-6055?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15018626#comment-15018626
]
ASF subversion and git services commented on AMQ-6055:
------------------------------------------------------
Commit b5dd0a16f4197cfab086b3139892a73b27c8ac74 in activemq's branch
refs/heads/master from [~tabish121]
[ https://git-wip-us.apache.org/repos/asf?p=activemq.git;h=b5dd0a1 ]
https://issues.apache.org/jira/browse/AMQ-6055
Account for Authzid in SASL PLAIN mechanism and provide a means to fail
the authorization if the challenge response is invalid. Update the
client to properly exclude sasl mechanism that don't apply to it's
configured credentials such as using only ANONYMOUS when no user or
password is set.
> SASL PLAIN auth with AMQP doesn't take authzid into account
> -----------------------------------------------------------
>
> Key: AMQ-6055
> URL: https://issues.apache.org/jira/browse/AMQ-6055
> Project: ActiveMQ
> Issue Type: Bug
> Components: AMQP, Broker, jaas
> Affects Versions: 5.12.1
> Environment: # lsb_release -a
> No LSB modules are available.
> Distributor ID: Ubuntu
> Description: Ubuntu 14.04.3 LTS
> Release: 14.04
> Codename: trusty
> # uname -a
> Linux esb-test-mq01 3.13.0-67-generic #110-Ubuntu SMP Fri Oct 23 13:24:41 UTC
> 2015 x86_64 x86_64 x86_64 GNU/Linux
> Reporter: Simon Lundstrom
> Priority: Blocker
> Fix For: 5.13.0
>
>
> SASL PLAIN authentication with AMQP doesn't take authzid into account and
> fails authentication when it's fully legal in SASL PLAIN.
> See [PROTON-1055] for a more detailed description including debug logs.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
