On Thu, 2018-10-18 at 13:35 +0100, Gordon Sim wrote: > On 18/10/18 09:23, Hudalla Kai (INST/ECS4) wrote: > > > > On Tue, 2018-10-16 at 09:40 -0400, Ganesh Murthy wrote: > > > The Apache Qpid (http://qpid.apache.org) community is pleased to > > > announce the immediate availability of Apache Qpid Dispatch 1.4.0 > > > > > > Qpid Dispatch is a router for the Advanced Message Queuing Protocol 1.0 > > > (AMQP 1.0, ISO/IEC 19464, http://www.amqp.org). It provides a flexible > > > and scalable interconnect between AMQP endpoints, whether they be clients, > > > brokers, or other AMQP-enabled services. > > > > > > The release is available now from our website: > > > https://qpid.apache.org/releases/qpid-dispatch-1.4.0/index.html > > > > > > Release notes can be found at: > > > > > > http://qpid.apache.org/releases/qpid-dispatch-1.4.0/release-notes.html > > > > > > > https://issues.apache.org/jira/browse/DISPATCH-1111 has changed the place of > > where Dispatch Router (1.4.0) expects to find the authenticated identity > > within > > the connection properties. However, there is no way for an auth server to > > determine the Dispatch Router version that is trying to authenticate the > > user, so > > it is hard to implement an auth server that supports both Dispatch Router > > versions < 1.4 and >= 1.4. > > Sorry, that was my fault! It was originally 'wrong' in so far as it did > not match the keycloak plugin that Rob Godfrey wrote which was the > notional 'spec' I was conforming to. Once I realised my error I fixed > it, but should have been more careful about how I did that with regards > to other users of the experimental feature. >
I see. > > Is it policy to not include e.g. a version property in the connection > > properties > > when Dispatch Router opens/accepts a connection? > > Again, my fault. In general the router does indicate the version. The > auth plugin does not yet do so however. I'll try and get that at least > fixed. > That would be helpful :-) > > Or maybe another desired > > capability value could be used for indicating that the Dispatch Router > > expects > > the identity to be contained in the "sub" entry instead of the > > "authenticated- > > identity" itself? > > I could also just have the router continue to accept both forms. The > original 'incorrect' approach and the fixed approach. That is probably > what I should have done when fixing in the first place. I do apologise! > Since it is an experimental feature anyway, I am fine with the change. Again, it would be helpful to know which version I am talking to ... Have you seen my other post regarding my problems with authorizing a client? > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@qpid.apache.org > For additional commands, e-mail: users-h...@qpid.apache.org >
