[
https://issues.apache.org/jira/browse/QPID-648?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Matthew Farrellee updated QPID-648:
-----------------------------------
Attachment: sasl_authentication.patch2
This patch (based off of r647825) provides more complete SASL authentication.
It allows for the use of mechanisms other than PLAIN, though no clients exist
that implement anything but PLAIN. Its current limitation is in providing the
list of supported mechanisms to the client via connection.start.
Once applied you can setup a /etc/sasl2/qpidd.conf file to use a simple
password file stored in /tmp/qpidd.sasldb. The conf and sasldb files must be
readable by the user running the broker. It is also not advisable to keep the
sasldb file in /tmp for anything other than testing.
qpidd.conf:
$ cat /etc/sasl2/qpidd.conf
pwcheck_method: auxprop
auxprop_plugin: sasldb
mech_list: plain
sasldb_path: /tmp/qpidd.sasldb
add a user to the sasldb:
$ saslpasswd2 -f /tmp/qpidd.sasldb guest
> Provide some form of authentication
> -----------------------------------
>
> Key: QPID-648
> URL: https://issues.apache.org/jira/browse/QPID-648
> Project: Qpid
> Issue Type: Improvement
> Components: C++ Broker
> Affects Versions: M3
> Reporter: Arnaud Simon
> Assignee: Gordon Sim
> Priority: Minor
> Attachments: sasl_authentication.patch2, sasl_plain_auth.patch
>
>
> It is required by JMS to authenticate users at connection creation time. It
> would be useful if the broker can provide such a basic authentication
> mechanism.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
