Paolo Patierno created DISPATCH-347:
---------------------------------------

             Summary: Negative SASL outcome when "requireEncryption" isn't satisfied
                 Key: DISPATCH-347
                 URL: https://issues.apache.org/jira/browse/DISPATCH-347
             Project: Qpid Dispatch
          Issue Type: Wish
    Affects Versions: 0.6.0
            Reporter: Paolo Patierno
            Priority: Minor


If we configure the router with requireEncryption set to true but the client 
connects using a SASL mechanism which doesn't support encryption (i.e. 
ANONYMOUS, PLAIN, ...) the SASL exchange goes well with a successful outcome 
but the router closes the TCP connection brutally after that.
The client doesn't have any reason why it happens.

The SASL RFC (https://tools.ietf.org/html/rfc4422) in the "Authentication 
Outcome" says that "The outcome is not successful if ..." ... "the negotiated 
security layer (or lack thereof) is not suitable ...".
I think that the above scenario is a "lack" of requested security so the SASL 
outcome to the client shouldn't be positive but negative.



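The behaviour requested in this issue, sketched as an added example (not Qpid Dispatch code): the encryption policy is evaluated before the sasl-outcome is sent, so the client gets a negative outcome instead of "ok" followed by a dropped connection. The struct, the function names, the rule that either TLS or a SASL security layer satisfies requireEncryption, and the choice of the AMQP 1.0 "auth" code for a policy failure are assumptions of this example.

```c
#include <stdbool.h>
#include <stdio.h>

/* sasl-code values carried in the AMQP 1.0 sasl-outcome frame. */
enum sasl_code { AMQP_SASL_OK = 0, AMQP_SASL_AUTH = 1, AMQP_SASL_SYS = 2 };

/* Hypothetical state of one connection once the mechanism has finished. */
struct sasl_result {
    bool credentials_ok; /* mechanism accepted the client's credentials */
    int  tls_ssf;        /* key strength of TLS below SASL, 0 = plain TCP */
    int  sasl_ssf;       /* strength of the SASL security layer, 0 = none */
};

/* Decide the outcome BEFORE it is sent, so a policy failure is reported
 * in-band rather than as "ok" followed by a closed TCP connection. */
enum sasl_code decide_outcome(const struct sasl_result *r,
                              bool require_encryption, const char **reason)
{
    int ssf = r->tls_ssf > r->sasl_ssf ? r->tls_ssf : r->sasl_ssf;
    const char *why = "authenticated";
    enum sasl_code code = AMQP_SASL_OK;

    if (!r->credentials_ok) {
        code = AMQP_SASL_AUTH;
        why = "credentials rejected";
    } else if (require_encryption && ssf == 0) {
        /* RFC 4422: an unsuitable (or missing) security layer means the
         * outcome is not successful. Using "auth" here is an assumption. */
        code = AMQP_SASL_AUTH;
        why = "encryption required but no TLS or SASL security layer";
    }
    if (reason) *reason = why;
    return code;
}

/* Convenience wrapper used by the constructed scenarios below. */
enum sasl_code outcome_for(bool cred_ok, int tls_ssf, int sasl_ssf,
                           bool require, const char **reason)
{
    struct sasl_result r = { cred_ok, tls_ssf, sasl_ssf };
    return decide_outcome(&r, require, reason);
}

int main(void)
{
    const char *why;
    /* Constructed scenario from the report: PLAIN over plain TCP. */
    enum sasl_code c = outcome_for(true, 0, 0, true, &why);
    printf("PLAIN over TCP, encryption required: code %d (%s)\n", c, why);
    return 0;
}
```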