Details
- Improvement
- Status: Open
- Major
- Resolution: Unresolved
Description
The authenticatePeer parameter in the listener configuration currently has a default value of "no". I believe this can lead to misunderstandings causing security issues. Consider a listener configured like this:
    listener {
        role: normal
        host: 0.0.0.0
        port: amqp
        saslMechanisms: PLAIN DIGEST-MD5 CRAM-MD5
    }
It has SASL authentication configured using username and password, and at first look one might believe that such a listener is configured properly. However, because of the missing "authenticatePeer: yes" parameter, it is still possible to connect anonymously without the SASL layer.
I believe it would be much better to have the authenticatePeer parameter set to yes by default, either all the time or at least when SASL is configured.
Please have a look at the related discussion from the mailing list:
http://qpid.2158936.n2.nabble.com/Dispatch-Default-value-of-authenticatePeer-td7648676.html
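A configuration check for the case described above, as an added example that is not part of the original report or of the project's code: it flags every listener block that lacks "authenticatePeer: yes" and returns its saslMechanisms value, so the misleading case (mechanisms listed, authentication not enforced) stands out. The function names and the sample config are constructed, and the parser assumes one "key: value" pair per line.

```python
import re

# Constructed sample: listener 1 is the one from the report, listener 2 adds
# authenticatePeer: yes, listener 3 sets neither option.
SAMPLE_CONF = """\
listener {
    role: normal
    host: 0.0.0.0
    port: amqp
    saslMechanisms: PLAIN DIGEST-MD5 CRAM-MD5
}
listener {
    host: 0.0.0.0
    port: 5673
    saslMechanisms: PLAIN
    authenticatePeer: yes
}
listener {
    host: 127.0.0.1
    port: 5674
}
"""

SECTION = re.compile(r"^\s*(\w+)\s*\{(.*?)^\s*\}", re.S | re.M)

def parse_sections(text):
    """Yield (section_name, attrs); assumes one 'key: value' pair per line."""
    text = re.sub(r"#.*", "", text)  # drop comments
    for name, body in SECTION.findall(text):
        attrs = {}
        for line in body.splitlines():
            key, sep, value = line.partition(":")
            if sep:
                attrs[key.strip()] = value.strip()
        yield name, attrs

def audit_listeners(text):
    """Return (address, saslMechanisms) for listeners not enforcing auth."""
    findings = []
    for name, attrs in parse_sections(text):
        # Default described in the report: an absent authenticatePeer means "no".
        if name != "listener" or attrs.get("authenticatePeer", "no") == "yes":
            continue
        sasl = attrs.get("saslMechanisms", "")  # non-empty: the misleading case
        findings.append((f"{attrs.get('host', '?')}:{attrs.get('port', '?')}", sasl))
    return findings

if __name__ == "__main__":
    for addr, mechs in audit_listeners(SAMPLE_CONF):
        print(f"{addr}: authenticatePeer not yes (saslMechanisms: {mechs or 'unset'})")
```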
Issue Links
- is related to: PROTON-1354 Disable GSSAPI and GSS-SPNEGO SASL mechanisms if they are not explicitly enabled (Closed)
- relates to: DISPATCH-224 Tools fail with no useful error in some SASL configurations (Closed)