[
https://issues.apache.org/jira/browse/ARTEMIS-3106?focusedWorklogId=571856&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-571856
]
ASF GitHub Bot logged work on ARTEMIS-3106:
-------------------------------------------
Author: ASF GitHub Bot
Created on: 25/Mar/21 12:35
Start Date: 25/Mar/21 12:35
Worklog Time Spent: 10m
Work Description: gemmellr commented on a change in pull request #3470:
URL: https://github.com/apache/activemq-artemis/pull/3470#discussion_r601444802
##########
File path:
tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/amqp/connect/AMQPConnectSaslTest.java
##########
@@ -151,6 +164,34 @@ public void testConnectsWithPlain() throws Exception {
assertArrayEquals(expectedPlainInitialResponse(USER, PASSWD),
authenticator.getInitialResponse());
}
+ @Test(timeout = 200000)
+ public void testConnectsWithSCRAM() throws Exception {
+ CountDownLatch serverConnectionOpen = new CountDownLatch(1);
+ SCRAMTestAuthenticator authenticator = new
SCRAMTestAuthenticator(SCRAM.SHA512);
Review comment:
I realise that, it is part of my point. Since it is the only mechanism
offered by the server, then the connecting broker clearly had to pick that
mechanism (or fail if it doesnt support it at all). Offering other mechs (as
many of the other tests in the class do) then also verifies the actual
selection behaviour, i.e that it will prefer selecting SCRAM 512 when it is
offered, rather than only doing so because it had no other choice. That way if
someone accidentally breaks that logic later the test can at least point it out.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
Issue Time Tracking
-------------------
Worklog Id: (was: 571856)
Time Spent: 15h 40m (was: 15.5h)
> Support for SASL-SCRAM
> ----------------------
>
> Key: ARTEMIS-3106
> URL: https://issues.apache.org/jira/browse/ARTEMIS-3106
> Project: ActiveMQ Artemis
> Issue Type: New Feature
> Components: AMQP
> Reporter: Christoph Läubrich
> Priority: Major
> Time Spent: 15h 40m
> Remaining Estimate: 0h
>
> With the enhancements in ARTEMIS-33 / [PR
> 3432|https://github.com/apache/activemq-artemis/pull/3432] it would be now
> possible to plug-in new SASL mechanism.
> One popular one is
> [SASL-SCRAM|https://en.wikipedia.org/wiki/Salted_Challenge_Response_Authentication_Mechanism]
> because it allows channelbinding together with secure storage of
> user-credential.
> I have created an [implementation of this for Artemis
> AMQP|https://github.com/laeubi/scram-sasl/tree/artemis/artemis] based on the
> [SCRAM SASL authentication for Java|https://github.com/ogrebgr/scram-sasl]
> code with some enhancements/cleanups to the original.
> As the source is already Apache licensed I'd like to propose to include this
> in the Artemis code-base. This would greatly enhance the interoperability
> with other implementations e.g. Apache QPID.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
