[ https://issues.apache.org/jira/browse/QPID-1899?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12782245#action_12782245 ]
Steve Huston commented on QPID-1899: ------------------------------------ Is this correct? Index: Sasl.h =================================================================== --- Sasl.h (revision 883558) +++ Sasl.h (working copy) @@ -37,11 +37,27 @@ struct ConnectionSettings; /** - * Interface to SASL support + * Interface to SASL support. This class is implemented by platform-specific + * SASL providers. */ class Sasl { public: + /** + * Start SASL negotiation with the broker. + * + * @param mechanisms Comma-separated list of the SASL mechanism the + * client supports. + * @param ssf Security Strength Factor (SSF). SSF is used to negotiate + * a SASL security layer on top of the connection should both + * parties require and support it. The value indicates the + * required level of security for communication. Possible + * values are: + * @li 0 No security + * @li 1 Integrity checking only + * @li >1 Integrity and confidentiality with the number + * giving the encryption key length. + */ virtual std::string start(const std::string& mechanisms, unsigned int ssf) = 0; virtual std::string step(const std::string& challenge) = 0; virtual std::string getMechanism() = 0; > --require-encryption doesn't work unless cyrus sasl authentication is turned > on > ------------------------------------------------------------------------------- > > Key: QPID-1899 > URL: https://issues.apache.org/jira/browse/QPID-1899 > Project: Qpid > Issue Type: Bug > Components: C++ Broker > Affects Versions: 0.5 > Reporter: Gordon Sim > Assignee: Steve Huston > Fix For: 0.6 > > Attachments: qpid-1899-10_26.patch, qpid-1899-10_30.patch, > qpid-1899-9-17.patch, qpid-1899-hacky.patch, qpid-1899.patch, qpid-1899.patch > > > If you specify --require-encryption and --auth no then the broker will allow > un-encrypted conections. (If on the other hand you have authentication on, it > will prevent you connecting with anything other than a mech that supports > encryption and will require an encrypting sasl security layer - or of course > an ssl connection) -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online. --------------------------------------------------------------------- Apache Qpid - AMQP Messaging Implementation Project: http://qpid.apache.org Use/Interact: mailto:dev-subscr...@qpid.apache.org