The output shows that the server offered SCRAM-SHA-256 and PLAIN mechs. Do you have the relevant cyrus-sasl mechanism modules installed (e.g cyrus-sasl-plain) to support them? Are you setting the necessary username and password?
The server did not offer EXTERNAL so it isn't required (or you wouldn't have got the output shown). Whether it supports it or not, your configuring the client for EXTERNAL certainly wouldn't work unless you also provided a client-certificate for the server to authenticate it using, which you dont appear to (and if you did, and the server still didnt offer EXTERNAL, that would indicate it isn't enabled for that at all). On Thu, 10 Sep 2020 at 18:30, cgh467 <[email protected]> wrote: > > Hi Gordon, > > Thanks for your suggestion. By setting > ssl_ignore_hostname_verification_failure=true, I'm able to see some data > from JAVA server, now the error becomes "Can't authenticate using > SCRAM-SHA-256 PLAIN" as below trace. Do I miss something? I tried "PLAIN" or > "EXTERNAL", did not work either. > > 2020-09-10 10:23:44 [Client] debug RECV > [[10.80.244.84:43344-test_lab4.engineering:5673]]: INIT(0-10) > 2020-09-10 10:23:44 [Security] trace RECV > [[10.80.244.84:43344-test_lab4.engineering:5673]]: Frame[BEbe; channel=0; > {ConnectionStartBody: server-properties={product:V2:25:str16(Apache Qpid > Broker-J > Core),qpid.build:V2:40:str16(5ffa4c35f62c4bcdc3cfd507a2c1e7cf36a49547),qpid.features:[{V2:17:str16(qpid.jms-selector)}]list([{V2:17:str16(qpid.jms-selector)}]),qpid.federation_tag:V2:36:str16(0892b38e-e400-4bec-a2da-28c5bf664a2e),qpid.instance_name:V2:6:str16(Broker),qpid.message_compression_supported:V2:4:str16(true),qpid.queue_lifetime_supported:V2:4:str16(true),qpid.virtualhost_properties_supported:V2:4:str16(true),version:V2:5:str16(7.1.7)}; > mechanisms=str16{V2:13:str16(SCRAM-SHA-256), V2:5:str16(PLAIN)}; > locales=str16{V2:5:str16(en_US)}; }] > 2020-09-10 10:23:44 [Security] debug CyrusSasl::start(SCRAM-SHA-256 PLAIN) > 2020-09-10 10:23:44 [Security] debug external SSF detected and set to 128 > 2020-09-10 10:23:44 [Security] debug min_ssf: 0, max_ssf: 256 > 2020-09-10 10:23:44 [System] debug Exception constructed: Can't authenticate > using SCRAM-SHA-256 PLAIN > 2020-09-10 10:23:44 [Client] warning Closing connection due to Can't > authenticate using SCRAM-SHA-256 PLAIN > > Thanks so much! > Linda > > > > > > > -- > Sent from: http://qpid.2158936.n2.nabble.com/Apache-Qpid-users-f2158936.html > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
