GitHub user k-wall opened a pull request:
https://github.com/apache/qpid-jms/pull/9
QPIDJMS-294: Ensure that SASL mechanism has completed before allowingâ¦
⦠authentication to complete successfully
This change allows the SCRAM mechanisms to ensure that server final message
is verified correctly.
The lack of unit tests around AmqpSaslAuthenticator is bothersome. To
address this, I think to extract an SaslMechanismFinder allowing a mock (and a
mock Mechanism) to be substituted for unit testing purposes. This would allow
simple mock based tests to be written for AmqpSaslAuthenticator and the
interactions with both Proton and Mechanism verified, including the new
verifyComplete path. Comments welcome.
This change would be breaking for users of the Qpid Broker J < 6.0.4 using
the SCRAM SHA authentication, but simple work arounds are available (upgrading
to a bug-fix release or a simple configuration change to use a different SASL
mech).
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/k-wall/qpid-jms master
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/qpid-jms/pull/9.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #9
----
----
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
