2008/4/27 Carl Trieloff <[EMAIL PROTECTED]>: > > Tomas Restrepo wrote: > > > Hi Marnie, > > > > > > > > > I don't know of any samples though thinking about it I believe it was > the > > > .NET guys that did some work on this stuff. > > > > > > Anyone know better/more ? > > > > > > > > > > I did most of the authentication support on the .NET client, > > implementing the core SASL support. Currently the .NET client itself > > should support Anonymous, CRAM-MD5, Digest, Plain and External (useful > > if eventually implicit SSL with client-side certificates are supported > > by the spec). > > > > From what I remember, though, the Java client only supported Plain and > > CRAM-MD5 (and one of them had an issue which I do not know if it was > > fixed or not). > > > > > > > To complete the picture, > > The M3 C++ broker also now has full SASL support. If you look at the > patches Matthew > submitted -- I think Gordon might still be working some final updates for > 0-10 final though - > sure he will comment when he sees the thread. > > Carl.
The Java client will log out the password when set to debug level logging otherwise it * out the value. The Java broker does have a bug in it with AMQPLAIN and PLAIN authentication, implementations. (QPID-474) The Java broker/client also implements a modified CRAM-MD5 called CRAM-MD5-HASHED where the hash of the password is used to authenticate. This means the broker never needs to know the full password, only the hash is ever stored on disk. Hope that helps, Martin -- Martin Ritchie
