On 08/07/17 22:00, Rick van Rein wrote:
Hi,
I was pleased to see GSSAPI supported in Qpid Broker C++; I can think of
several uses of messaging where Kerberos' single sign-on is a blessing.
But the naming of the tickets as "qpid/[email protected]" is not as I
think it should be. Clients nede to construct such names for their
ticket requests:
- the "REALM.NAME" is the client's, or modified through KDC redirection
[or perhaps using draft-vanrein-dnstxt-krb1]
- the "host.name" is derived from SRV records (it could be the domain
or host)
- the service name, here "qpid" is commonly known to an implementation
You can change this using the --sasl-service-name option. (I agree that
amqp would have been a netter choice for the default there).
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
