[
https://issues.apache.org/jira/browse/QPID-2949?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
michael j. goulish updated QPID-2949:
-
Attachment: dont_prompt_me_2.diff
obsoletes previous patch
this patch provides a way to tell SaslFactory that console interaction is NOT
ok. i.e. if the code is running as part of a broker, or a demonized client of
some kind. Just tell it to never do interaction, and any attempt to interact
will be treated as an error.
This script demonstrates that all goes well if you supply enough info :
rm -rf /tmp/data_1 /tmp/data_2
mkdir /tmp/data_1 /tmp/data_2
# in window 1:
../qpidd -p 5672 --data-dir /tmp/data_1 --auth=yes --mgmt-enable=yes
--log-enable info+ ./qpidd_1.log --log-source yes
--sasl-config=/home/mick/trunk/qpid/cpp/src/tests/sasl_config
# in window 2:
../qpidd -p 1 --data-dir /tmp/data_2 --auth=yes --mgmt-enable=yes
--log-enable info+ ./qpidd_1.log --log-source yes
--sasl-config=/home/mick/trunk/qpid/cpp/src/tests/sasl_config
# in window 3 ( from qpid dir )
./tools/src/py/qpid-route dynamic add zig/z...@localhost
zig/z...@localhost:1 qmf.default.direct
# and view the created route
./tools/src/py/qpid-route route list localhost:5672
If you say auth=no, that works fine also.
HOWEVER PLEASE NOTE --
if you say auth=yes, but then do not supply enough into to avoid the need for
interaction, the attempted interaction will result in the connection being
closed. Then the originating broker will re-try the connection, and you will
get a two-broker infinite loop until you fix it.
broker prompts console interactively for password when --auth=no
Key: QPID-2949
URL: https://issues.apache.org/jira/browse/QPID-2949
Project: Qpid
Issue Type: Bug
Components: C++ Broker
Affects Versions: 0.8
Reporter: michael j. goulish
Assignee: michael j. goulish
Priority: Minor
Fix For: 0.9
Attachments: dont_prompt_me_2.diff, dont_prompt_me_2.diff,
dont_prompt_me_2.diff, dont_prompt_me_noauth.diff
As a result of checkin svn r1024541, which promoted some client-side Sasl
code to the common library for use in broker, the broker now prompts for a
password when when it is run with --auth=no !
The attached patch removes this behavior by propagating knowledge of
--auth=no down to SaslFactory. If authorization has been turned off, the
Saslfactory will create a null sasl object, just like it does if the code is
compiled with no Sasl support.
TODO -- also must fix the pathway where auth==yes.
NOTE: this is apparently an irritant rather than a disaster, since it did not
affect make check after the original checkin ( r102451 ).
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
-
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:dev-subscr...@qpid.apache.org