[jira] [Work logged] (ARTEMIS-3106) Support for SASL-SCRAM

Thu, 25 Mar 2021 07:01:35 -0700 


     [ 
https://issues.apache.org/jira/browse/ARTEMIS-3106?focusedWorklogId=571899&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-571899
 ]

ASF GitHub Bot logged work on ARTEMIS-3106:
-------------------------------------------

                Author: ASF GitHub Bot
            Created on: 25/Mar/21 14:00
            Start Date: 25/Mar/21 14:00
    Worklog Time Spent: 10m 
      Work Description: gemmellr commented on pull request #3470:
URL: https://github.com/apache/activemq-artemis/pull/3470#issuecomment-806806500


   I'm going to leave further review here for some of the main broker 
maintainers. I think it needs some more eyes to look it over at this point (e.g 
I note that as I know little about the JAAS login bits, I've not been looking 
at that aspect), perhaps input from someone who knows the user creation stuff 
would be good, certainly some other folks thoughts on SCRAM-SHA-1 support would 
be useful.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
[email protected]


Issue Time Tracking
-------------------

    Worklog Id:     (was: 571899)
    Time Spent: 16h 20m  (was: 16h 10m)

> Support for SASL-SCRAM
> ----------------------
>
>                 Key: ARTEMIS-3106
>                 URL: https://issues.apache.org/jira/browse/ARTEMIS-3106
>             Project: ActiveMQ Artemis
>          Issue Type: New Feature
>          Components: AMQP
>            Reporter: Christoph Läubrich
>            Priority: Major
>          Time Spent: 16h 20m
>  Remaining Estimate: 0h
>
> With the enhancements in ARTEMIS-33 / [PR 
> 3432|https://github.com/apache/activemq-artemis/pull/3432] it would be now 
> possible to plug-in new SASL mechanism.
> One popular one is 
> [SASL-SCRAM|https://en.wikipedia.org/wiki/Salted_Challenge_Response_Authentication_Mechanism]
>  because it allows channelbinding together with secure storage of 
> user-credential.
> I have created an [implementation of this for Artemis 
> AMQP|https://github.com/laeubi/scram-sasl/tree/artemis/artemis] based on the 
> [SCRAM SASL authentication for Java|https://github.com/ogrebgr/scram-sasl] 
> code with some enhancements/cleanups to the original.
> As the source is already Apache licensed I'd like to propose to include this 
> in the Artemis code-base. This would greatly enhance the interoperability 
> with other implementations e.g. Apache QPID. 



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Reply via email to