svn commit: r1156604 - in /qpid/trunk/qpid: cpp/src/qpid/broker/SaslAuthenticator.cpp specs/management-schema.xml

Thu, 11 Aug 2011 05:50:07 -0700 

Author: mgoulish
Date: Thu Aug 11 12:49:39 2011
New Revision: 1156604

URL: http://svn.apache.org/viewvc?rev=1156604&view=rev
Log:
    two new management properties for connections: the sasl mechanism, and the 
ssf (security strength factor).    also a change to logging level of one 
message, so that when we see the list of mechanisms, we will always also see 
which one was chosen.


Modified:
    qpid/trunk/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp
    qpid/trunk/qpid/specs/management-schema.xml

Modified: qpid/trunk/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp
URL: 
http://svn.apache.org/viewvc/qpid/trunk/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp?rev=1156604&r1=1156603&r2=1156604&view=diff
==============================================================================
--- qpid/trunk/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp (original)
+++ qpid/trunk/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp Thu Aug 11 
12:49:39 2011
@@ -381,13 +381,17 @@ void CyrusAuthenticator::start(const str
     const char *challenge;
     unsigned int challenge_len;
     
-    QPID_LOG(debug, "SASL: Starting authentication with mechanism: " << 
mechanism);
+    // This should be at same debug level as mech list in getMechanisms().
+    QPID_LOG(info, "SASL: Starting authentication with mechanism: " << 
mechanism);
     int code = sasl_server_start(sasl_conn,
                                  mechanism.c_str(),
                                  response.size() ? response.c_str() : 0, 
response.length(),
                                  &challenge, &challenge_len);
     
     processAuthenticationStep(code, challenge, challenge_len);
+    qmf::org::apache::qpid::broker::Connection* cnxMgmt = 
connection.getMgmtObject();
+    if ( cnxMgmt ) 
+        cnxMgmt->set_saslMechanism(mechanism);
 }
         
 void CyrusAuthenticator::step(const string& response)
@@ -461,6 +465,9 @@ std::auto_ptr<SecurityLayer> CyrusAuthen
     if (ssf) {
         securityLayer = std::auto_ptr<SecurityLayer>(new 
CyrusSecurityLayer(sasl_conn, maxFrameSize));
     }
+    qmf::org::apache::qpid::broker::Connection* cnxMgmt = 
connection.getMgmtObject();
+    if ( cnxMgmt ) 
+        cnxMgmt->set_saslSsf(ssf);
     return securityLayer;
 }
 

Modified: qpid/trunk/qpid/specs/management-schema.xml
URL: 
http://svn.apache.org/viewvc/qpid/trunk/qpid/specs/management-schema.xml?rev=1156604&r1=1156603&r2=1156604&view=diff
==============================================================================
--- qpid/trunk/qpid/specs/management-schema.xml (original)
+++ qpid/trunk/qpid/specs/management-schema.xml Thu Aug 11 12:49:39 2011
@@ -262,6 +262,8 @@
     <property name="remotePid"          type="uint32" access="RO" optional="y" 
desc="Process ID of remote client"/>
     <property name="remoteParentPid"    type="uint32" access="RO" optional="y" 
desc="Parent Process ID of remote client"/>
     <property name="shadow"             type="bool"   access="RO" desc="True 
for shadow connections"/>
+    <property name="saslMechanism"      type="sstr"   access="RO" desc="SASL 
mechanism"/>
+    <property name="saslSsf"            type="uint16"   access="RO" desc="SASL 
security strength factor"/>
     <statistic name="closing"          type="bool" desc="This client is 
closing by management request"/>
     <statistic name="framesFromClient" type="count64"/>
     <statistic name="framesToClient"   type="count64"/>



---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project:      http://qpid.apache.org
Use/Interact: mailto:commits-subscr...@qpid.apache.org

Reply via email to