On 12/01/07, Tomas Restrepo <[EMAIL PROTECTED]> wrote:
During this, however, I ran into a few snags I'm not 100% sure about and would like some comments/guidance: a- For some reason, the PasswordFailureConnection test fails if PLAIN authentication is chosen. It appears that the server never responds with a 503 - NOT ALLOWED error in this case. Is this expected/known? Or is there something I'm missing here? It's worth noting that the only reason the test was passing previously was because it was incorrectly written.
I did a quick test and it looks like the broker and the java client do not deal with auth failure properly (i.e. in a useful way). I have raised QPID-292 for this.
b- Right now, when a connection is failing because of an authentication error, a generic AMQException is getting thrown with the AMQAuthenticationException as the InnerException. Is this OK? I don't quite like it, but changing it would require a bit of messing around with the way exceptions are being handled when trying connection against all configured servers (i.e. failover). What do you guys think?
Can you not make AMQAuthenticationException a subclass of AMQException?
c- Right now, my implementation of CallbackHandlerFactory has the set of Callback handlers hardcoded. Thus of the set of authentication mechanisms is currently static (and the order of preferred mechanisms as well). Obviously it would be better to have this configurable.
Yes, that would all be nice, and would mimic the functionality provided by the JDK. This seems to me to be a component that has wider applicability and utility than just Qpid?
That said, I believe the client should be fairly self-contained (or at least I know that would be my preference for the kind of things I have in mind to do with the client) and not have it depend explicitly on external configuration unless totally necessary (this might be a topic for a separate discussions as this is not the case right now). I'm thinking we could have a default set of supported protocols/handlers if no external configuration is found (and maybe create a custom app.config configuration section for new client settings).
Yes, I agree. Some "default" that did not require any config would be ideal, with the option to customise for people who want to install their own providers etc. RG
