On 06/12/2015 04:54 PM, Rob Godfrey wrote:
On 12 June 2015 at 17:45, Gordon Sim <[email protected]> wrote:
On 06/12/2015 10:48 AM, Rob Godfrey wrote:
The documentation doesn't tend to go into the detail of the SASL
mechanisms available from each provider (and how they may differ
between TLS and non-TLS)... and from a general user perspective I'm
not sure that would be useful.
I think it is useful to know that certain mechanisms are excluded unless
using an encrypted (TLS) connection. I do now recall I hit this when testing
the 0.32 release, but had forgotten.
Some kind of warning on the console (or even in the logs) might help
perhaps.
The broker won't know because the client should be the one to detect
the failure... I guess Proton may try to pipeline the sending of the
mechanism without waiting to see which mechanisms the Broker offers,
in which case an error may already be logged (I'd have to go check).
What I meant was that any setting of PLAIN etc through the console would
cause a warning to be presented somewhere saying 'PLAIN is only
supported over SSL' or similar. That was the bit most recently that
confused me (again).
The actual error on connection is down to proton's limited sasl
'support' up to 0.9.1. It chooses the mech it wants before waiting for
the server to indicate what is available (and then for messenger in
0.9.1 at least seems to fail badly if that is not supported by the broker).
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
