Uploaded image for project: 'Qpid Proton'
  1. Qpid Proton
  2. PROTON-2234

[c] Need ability to add an authorization id in the SASL exchange

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • proton-c-0.31.0
    • proton-c-0.33.0
    • proton-c
    • None

    Description

      The Qpid Dispatch router is capable of delegating SASL authentication to an external auth service.

      We need a way

      (1) for a server to get the authzid for a sasl external request - The "server" in this case the router, needs a way to obtain the authzid if the client has specified one during the SASL exchange

      (2) for a client to specify the authzid to send with an external request - the "client" in this case the router acts as a client to the auth service and it needs a way to specify/send the authzid to the auth service as part of the SASL exchange.

      https://tools.ietf.org/html/rfc4422#page-29 (section A.2)

      Attachments

        Issue Links

          blocks

          Improvement - An improvement or enhancement to an existing feature or task. DISPATCH-1634 Expose client X509 certificate identity (TLS client auth) to the auth service delegate

          • Major - Major loss of function.
          • Open

          Activity

            People

              astitcher Andrew Stitcher
              gmurthy Ganesh Murthy
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: