On 08/04/2011 09:47 AM, Pavel Moravec wrote:
Hi all,
does somebody know how to configure CRAM-MD5 SASL authentication method? I
tried the following:
# cat /etc/sasl2/qpidd.conf
pwcheck_method: auxprop
auxprop_plugin: sasldb
sasldb_path: /var/lib/qpidd/qpidd.sasldb
#following line stops spurious 'sql_select option missing' errors when
#cyrus-sql-sasl plugin is installed
sql_select: dummy select
mech_list: cram-md5
# qpid-perftest --count 100 --username guest --password guest --mechanism
CRAM-MD5
2011-08-04 10:34:49 warning Broker closed connection: 320, connection-forced:
Authentication failed
connection-forced: Authentication failed
#
qpid debug has:
2011-08-04 10:33:05 info SASL: Mechanism list: CRAM-MD5
2011-08-04 10:33:05 debug Management object (V1) added:
org.apache.qpid.broker:connection:127.0.0.1:5672-127.0.0.1:54123
2011-08-04 10:33:05 debug SASL: Starting authentication with mechanism: CRAM-MD5
2011-08-04 10:33:05 warning Failed to retrieve sasl username
2011-08-04 10:33:05 info SASL: Authentication failed (no username
available):SASL(-6): can't request info until later in exchange: Information
that was requested is not yet available.
2011-08-04 10:33:05 debug Exception constructed: Authentication failed
2011-08-04 10:33:05 warning Failed to retrieve sasl username
The same (error 320 and SASL(-6)) I received when using Java HelloWorld program
specifying sasl_mechs='CRAM-MD5' .
Any suggestions what do I wrong? As when I replace "CRAM-MD5" by "DIGEST-MD5"
in sasl config file and perftest command line, the authentication passes.. (well, it does not in
Java HelloWorld program, but that is another story).
You aren't doing anything wrong, this appears to be a bug in the broker.
I have raised a JIRA (QPID-3393) and have a fix that I'll commit shortly.
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:[email protected]
