I wouldnt be so quick to rule out the 'send claims are required bit' as a red herring, it seems likely to be your main issue.
The azure python client is likely using the CBS 'claims based security' setup that Microsofts bits use, where it either 'logs in' using ANONYMOUS and then sends structured claims-messages to the $cbs special address before actually then performing your messaging work, or 'logs in' using a CBS-related SASL mechanism. The Proton client is almost certainly not doing either of these as it doesnt know about either (unless you are doing the legwork to do the former yourself). If the Proton client similarly goes in using ANONYMOUS, but then doesnt do the $cbs dancing, it naturally wont have claims/permissions to send and thus wont be able to when it tries as you have asked it. Make sure you are passing any user and password via the connection options (https://qpid.apache.org/releases/qpid-proton-0.37.0/proton/cpp/api/classproton_1_1connection__options.html). I'm not sure that its supported passing them via the URI in the C++ binding. You might even need to further restrict the SASL mechanisms allowed to have it use PLAIN in this case, I'm not sure (possibly needed to avoid it using ANONYMOUS, which will be offered but which then wont actually work unless you then do the $cbs dancing required to have claims to do anything). You can use the connection options for configuring that too, if needed. You can set the PN_TRACE_FRM=1 env variable to get protocol trace logging to see what it is actually going on. On Fri, 5 Aug 2022 at 19:10, Zaq Rizer <idhindsi...@gmail.com> wrote: > > Hey all, > > I would like to send directly to Azure Event Hubs using QPID Proton from a > C++ shared library. The docs on Microsoft's site ( > https://docs.microsoft.com/en-us/azure/event-hubs/event-hubs-c-getstarted-send) > are unfortunately out of date and refer to the Qpid AMQP Messenger ( > https://qpid.apache.org/proton/messenger.html) which has been deprecated. > > The URL format Microsoft specifies is: > > "amqps://{SAS Key Name}:{SAS key}@{namespace > name}.servicebus.windows.net/{event hub name}"; > > > When I copy my SAS token and key (and URL-Encode the key value) from Azure, > I **AM** able to send a couple dummy messages using Microsoft's Python > example ( > https://docs.microsoft.com/en-us/azure/event-hubs/event-hubs-python-get-started-send). > However, using the *exact same URI with Proton*, I'm getting an error back > from Azure like: > "amqp:unauthorized-access: Unauthorized access. 'Send' claim(s) are > required to perform this operation. Resource: 'sb://{{obfuscated}}.service > bus.windows.net/{{obfuscated}}'. TrackingId:{{obfuscated}}, > SystemTracker:gateway5, Timestamp:2022- > 08-05T17:54:44" > > Keep in mind the "Send claims are required" bit is a red herring. This > event hub already has Send claims. And the Python example works just fine. > > I referred to the examples/helloworld, simple_send, direct_send but I'm > getting the same error with all of them. > > Thanks very much for any help! > Zaq --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@qpid.apache.org For additional commands, e-mail: users-h...@qpid.apache.org
