Hi Gordon, thanks a lot. Checking source code was the next step in my investigation here ;-)
Kind regards, Pavel ----- Original Message ----- From: "Gordon Sim" <[email protected]> To: [email protected] Sent: Thursday, August 4, 2011 2:53:39 PM Subject: Re: Configuration of CRAM-MD5 SASL method? On 08/04/2011 09:47 AM, Pavel Moravec wrote: > Hi all, > does somebody know how to configure CRAM-MD5 SASL authentication method? I > tried the following: > > # cat /etc/sasl2/qpidd.conf > pwcheck_method: auxprop > auxprop_plugin: sasldb > sasldb_path: /var/lib/qpidd/qpidd.sasldb > > #following line stops spurious 'sql_select option missing' errors when > #cyrus-sql-sasl plugin is installed > sql_select: dummy select > mech_list: cram-md5 > # qpid-perftest --count 100 --username guest --password guest --mechanism > CRAM-MD5 > 2011-08-04 10:34:49 warning Broker closed connection: 320, connection-forced: > Authentication failed > > connection-forced: Authentication failed > # > > qpid debug has: > > 2011-08-04 10:33:05 info SASL: Mechanism list: CRAM-MD5 > 2011-08-04 10:33:05 debug Management object (V1) added: > org.apache.qpid.broker:connection:127.0.0.1:5672-127.0.0.1:54123 > 2011-08-04 10:33:05 debug SASL: Starting authentication with mechanism: > CRAM-MD5 > 2011-08-04 10:33:05 warning Failed to retrieve sasl username > 2011-08-04 10:33:05 info SASL: Authentication failed (no username > available):SASL(-6): can't request info until later in exchange: Information > that was requested is not yet available. > 2011-08-04 10:33:05 debug Exception constructed: Authentication failed > 2011-08-04 10:33:05 warning Failed to retrieve sasl username > > The same (error 320 and SASL(-6)) I received when using Java HelloWorld > program specifying sasl_mechs='CRAM-MD5' . > > Any suggestions what do I wrong? As when I replace "CRAM-MD5" by "DIGEST-MD5" > in sasl config file and perftest command line, the authentication passes.. > (well, it does not in Java HelloWorld program, but that is another story). You aren't doing anything wrong, this appears to be a bug in the broker. I have raised a JIRA (QPID-3393) and have a fix that I'll commit shortly. --------------------------------------------------------------------- Apache Qpid - AMQP Messaging Implementation Project: http://qpid.apache.org Use/Interact: mailto:[email protected] --------------------------------------------------------------------- Apache Qpid - AMQP Messaging Implementation Project: http://qpid.apache.org Use/Interact: mailto:[email protected]
