On 27/04/2008, Senaka Fernando <[EMAIL PROTECTED]> wrote: > I would like to know what SASL mechanisms (out of the ones found in [1]) > does Qpid support, in order to find a solution to issue [2]. > > [1] http://en.wikipedia.org/wiki/Simple_Authentication_and_Security_Layer > [2] https://issues.apache.org/jira/browse/QPID-918
Hi Senaka, I think the best thing to do is simply ensure that the response field of start-ok is never logged irrespective of the SASL mechanism being used. That is safer and probably simpler (since ideally we will want people to be able to plug in arbitrary SASL implementations at some point in the future so you can't necessarily make a decision whether to log or not). The Java broker does support CRAM-MD5 but I think the C++ broker only does PLAIN at the moment. RG
