On 08/05/2015 03:31 PM, Ken Giusti wrote:
if I simply remove the PLAIN sasl mechs (client specifies no mechs in this
case), DIGEST-MD5 is selected:
$ ./send.py -a amqp://192.168.122.209:5672 --target amq.topic --username admin
--password qpid
KAG outcome = 1
KAG condition = None
Connection failed: Condition('amqp:unauthorized-access', 'Authentication
failed')
connection_failed, error=Condition('amqp:unauthorized-access', 'Authentication
failed') (ignored)
Send failed due to connection failure!
broker log:
$ 2015-08-05 10:27:07 [Security] info SASL: Mechanism list: DIGEST-MD5 CRAM-MD5
PLAIN
2015-08-05 10:27:07 [Security] info SASL: Starting authentication with
mechanism: DIGEST-MD5
2015-08-05 10:27:07 [Security] info
qpid.192.168.122.209:5672-192.168.122.1:38081 Challenge issued
2015-08-05 10:27:07 [Security] info
qpid.192.168.122.209:5672-192.168.122.1:38081 Failed to authenticate
2015-08-05 10:27:07 [Security] info
qpid.192.168.122.209:5672-192.168.122.1:38081 Connection closed prior to
authentication completing
Well, that's a head scratcher.
Thoughts?
You need to specify 'amqp' as the sasl service name using the newly
added --sasl-service-name option to qpidd (this defaults to 'qpidd').