Hi James, I tested it using one of the examples in cpp/examples - I did notice that test_client didn't work, but had bigger fish to fry before getting back to that.
You raise great points that I'd like to discuss more. I don't have time at the moment, but wanted to ack your note. I'll reply further another day. -Steve > -----Original Message----- > From: James Mansion [mailto:ja...@mansionfamily.plus.com] > Sent: Tuesday, March 17, 2009 3:48 PM > To: dev@qpid.apache.org > Subject: Re: Problem running tests/client_test > > > Steve Huston wrote: > > Fix is on svn trunk... > > -Steve > > > How did you test it? It didn't work for me using the rather minimal > debug settings in the test_client solution. > > My analysis of the failure is: > > In WindowsSasl, if we have PLAIN on offer, then we choose it > - even if we > do not have a configured username and password. Also, we > seem to take no > notice of settings.mechanism. > > This will fix it so that the client can connect in the absence of a > username, > though it still ignores the mechanism. Arguably, more > information is needed > in the case where we have a username but the password is > empty - perhaps we > infer the username from the current login session but have not been > given the > password - should we use PLAIN and hope that an empty > password is valid, or > still use ANONYMOUS in that case because we don't know > whether 'empty' means > 'password not provided' ie incomplete information. I think > we would need a > flag in the settings structure to handle this (or, we should > never infer the > user name and require that user name and password are both > provided - I find > user name inference handy though). > > C:\src\qpid\trunk\qpid\cpp\src>svn diff qpid\client > Index: qpid/client/windows/SaslFactory.cpp > =================================================================== > --- qpid/client/windows/SaslFactory.cpp (revision 755031) > +++ qpid/client/windows/SaslFactory.cpp (working copy) > @@ -110,7 +110,7 @@ > throw InternalErrorException(QPID_MSG("Sasl error: no common > mechanism" > )); > > std::string resp = ""; > - if (havePlain) { > + if (havePlain && !settings.username.empty()) { > mechanism = PLAIN; > resp = ((char)0) + settings.username + ((char)0) + > settings.password; > } > > > Also ... > > The WindowsSasl implementation doesn't do anything > Windows-ish. Why isn't > this basic implementation the default if CyrusSasl is not > available? Is it > intended that a Windows security token could be passed? This > makes sense > for Windows deployments, but might also be workable for > non-Windows brokers > that have access to a domain controller. If you can support > single signon > for Windows client applications, there will be general rejoicing. > > James > > > --------------------------------------------------------------------- > Apache Qpid - AMQP Messaging Implementation > Project: http://qpid.apache.org > Use/Interact: mailto:dev-subscr...@qpid.apache.org > --------------------------------------------------------------------- Apache Qpid - AMQP Messaging Implementation Project: http://qpid.apache.org Use/Interact: mailto:dev-subscr...@qpid.apache.org
