2018-04-06 9:22 GMT-04:00 Michiel Lange <mla...@anwb.nl>: > Hi, > > I use Qpid Dispatch to route JMS to an Artemis broker, which I have > configured to use LDAP; allowing certain groups to create queues, send > messages or receive. > I am strugging getting Qpid dispatch to even use authentication, leave > alone if the authentication information would be stored in LDAP (rather > than a separate sasl database) > > At the moment I am running qpid-dispatch 1.0.0, running like this (all of > these are currently using ANONYMOUS as saslMechanism, which is not really > what I was hoping for) > > Host 1: contains only listeners > Host 2: contains connectors, connecting to Host 1 (inter-router) and the > actual brokers (route-container); This one also contains the linkRoutes to > the defined brokers based on their prefix. > > I cannot really find that much in the documentation on how to setup > authorization >
You are right about the doc, I've raised https://issues.apache.org/jira/browse/DISPATCH-958 - feel free to add any comments or suggestions. I am fairly certain that dispatch can use LDAP, but unfortunately I don't know the details. I am in an environment with Kerberos configured and the SASL plugin in default-configured dispatch (all default SASL mechs enabled) does send LDAP requests over my VPN - they don't do anything useful since I am not set up for that but the plugin is definitely active and that mechanism is being tried. I'm quite certain this is just a (painful) configuration problem, so hopefully we can help you through it and improve the doc in the process.