Thank-you for the additional information. It appears that you successfully create an SSL encrypted TCP connection acceptable to each peer. So SSL configuration seems fine.
It further appears that the service bus refuses to create a link to your topic based on an unauthorized access attempt, presumably based on the credentials you supplied. Yet the credentials are OK based on their same use in AMQPLite. Perhaps there is some quoting problem providing the url to messenger (from the command line?). Or possibly the url encoded service bus key is being parsed incorrectly by Proton. You could try creating your own pn_url_t (see url.h) from the url you are using with pn_url_parse(), and see if the associated pn_url_username() and pn_url_password() are what you expect. If all that is fine and you are compiling your own Proton library, you could further check that PLAIN sasl processing is the chosen sasl mechanism and that a correct username and password make it to that layer (in none_sasl.c). On Thu, Feb 25, 2016 at 8:01 AM, Randy Armstrong <ra...@sparhawksoftware.com> wrote: > I am using the "recv" example from the 0.12 codebase. > > > > The URL I am using is: > > amqps://receiver:<url encoded service bus > key>@opcfoundation-prototyping.servicebus.windows.net/MyTopic/Subscriptions/ > default" > > > > I have tried with > > pn_messenger_set_flags(messenger, PN_FLAGS_ALLOW_INSECURE_MECHS); > > and > > pn_messenger_set_flags(messenger, 0); > > > > The credentials are identical to what I provide to a AMQPLite client that > has no problems connecting and receiving messages. > > > > Any hints/suggestions/links to documentation would be appreciated. > > > > The trace from the program shows this error: > > > > [00B3D578]:0 <- @attach(18) [name="MyTopic/Subscriptions/default", handle=0, > role=false, snd-settle-mode=2, rcv-settle-mode=0, initial-delivery-count=0, > max-message-size=266240] > > Application consumed 68 bytes from peer > > process_input_ssl() returning 101, forwarded 68 > > process_output_ssl( max_len=16384 ) > > process_output_ssl() returning 0 > > process_output_ssl( max_len=16384 ) > > process_output_ssl() returning 0 > > process_input_ssl( data size=357 ) > > Next decryption, 0 left over > > [00B3D578]:0 <- @detach(22) [handle=0, closed=true, error=@error(29) > [condition=:"amqp:unauthorized-access", description="Unauthorized access. > 'Listen' claim(s) are required to perform this operation. Resource: > 'sb://opcfoundation-prototyping.servicebus.windows.net/mytopic/subscriptions > /default'. > TrackingId:46e13f2c7e0043978dd72021e52b7d22_G22,TimeStamp:2/25/2016 3:26:50 > PM"]] > > Application consumed 317 bytes from peer > > process_input_ssl() returning 357, forwarded 317 > > process_output_ssl( max_len=16384 ) > > [00B3D578]:0 -> @detach(22) [handle=0, closed=true] > > Gathered 24 bytes from app to send to peer > > ssl_encrypt 53 network bytes > > > > > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@qpid.apache.org For additional commands, e-mail: users-h...@qpid.apache.org
