[ https://issues.apache.org/jira/browse/PROTON-1589?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16171935#comment-16171935 ]
Alan Conway commented on PROTON-1589: ------------------------------------- For reconnect we really need to identify authentication failure exceptions and treat them differently from other failures and *not* attempt to reconnect. That might mean some refactoring of our exception hierarchy so such exceptions can be clearly marked. > How can I handle invalid SASL PLAIN credentials error when reconnect is on? > --------------------------------------------------------------------------- > > Key: PROTON-1589 > URL: https://issues.apache.org/jira/browse/PROTON-1589 > Project: Qpid Proton > Issue Type: Bug > Components: cpp-binding > Affects Versions: proton-c-0.18.0 > Reporter: Jiri Danek > Assignee: Cliff Jansen > > Apply the following patch to the simple_send.cpp example > {code} > diff --git a/examples/cpp/simple_send.cpp b/examples/cpp/simple_send.cpp > index a4c2272d..053da34f 100644 > --- a/examples/cpp/simple_send.cpp > +++ b/examples/cpp/simple_send.cpp > @@ -27,6 +27,7 @@ > #include <proton/message.hpp> > #include <proton/message_id.hpp> > #include <proton/messaging_handler.hpp> > +#include <proton/reconnect_options.hpp> > #include <proton/tracker.hpp> > #include <proton/types.hpp> > > @@ -53,6 +54,12 @@ class simple_send : public proton::messaging_handler { > proton::connection_options co; > if (!user.empty()) co.user(user); > if (!password.empty()) co.password(password); > + co.sasl_enabled(true); > + co.sasl_allow_insecure_mechs(true); > + std::string sasl_mechanisms("PLAIN"); > + co.sasl_allowed_mechs(sasl_mechanisms); > + proton::reconnect_options ro; > + co.reconnect(ro); > sender = c.open_sender(url, co); > } > {code} > Now attempt to connect to AMQP broker, for example ActiveMQ Artemis instance, > which was created with {{--require-login}}. The client gets stuck if you use > invalid credentials. > {noformat} > PN_TRACE_FRM=1 examples/cpp/simple_send -a amqp://127.0.0.1:5672 -u nosuch -p > user > [0xed9980]: -> SASL > [0xed9980]: <- SASL > [0xed9980]:0 <- @sasl-mechanisms(64) > [sasl-server-mechanisms=@PN_SYMBOL[:PLAIN, :ANONYMOUS]] > [0xed9980]:0 -> @sasl-init(65) [mechanism=:PLAIN, > initial-response=b"\x00nosuch\x00user"] > [0xed9980]:0 <- @sasl-outcome(68) [code=1] > [0xed9980]: -> EOS > [0xee7290]: -> SASL > [0xee7290]: <- SASL > [0xee7290]:0 <- @sasl-mechanisms(64) > [sasl-server-mechanisms=@PN_SYMBOL[:PLAIN, :ANONYMOUS]] > [0xee7290]:0 -> @sasl-init(65) [mechanism=:PLAIN, > initial-response=b"\x00nosuch\x00user"] > [0xee7290]:0 <- @sasl-outcome(68) [code=1] > [0xee7290]: -> EOS > [0xeee6b0]: -> SASL > [0xeee6b0]: <- SASL > [0xeee6b0]:0 <- @sasl-mechanisms(64) > [sasl-server-mechanisms=@PN_SYMBOL[:PLAIN, :ANONYMOUS]] > [0xeee6b0]:0 -> @sasl-init(65) [mechanism=:PLAIN, > initial-response=b"\x00nosuch\x00user"] > [0xeee6b0]:0 <- @sasl-outcome(68) [code=1] > [0xeee6b0]: -> EOS > {noformat} > As you can see, the client keeps reconnecting. The previous behavior, if I > recall correctly, was to execute error handler in this case. To be exact, it > would run {{on_transport_error}} handler. > I think that it is reasonable for the client to stop reconnecting and run > this handler if the reason for failed connection are wrong credentials. This > condition is unlikely to resolve itself on multiple retries. -- This message was sent by Atlassian JIRA (v6.4.14#64029) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org