Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Fixed
-
0.10
-
None
Description
If the Java broker is configured to use the Base64MD5Password password database the Java client is unable to connect even if they use the sasl_mechs broker option in the connection URL (sasl_mechs='CRAM-MD5-HASHED').
Instead the user sees:
org.apache.qpid.AMQException: Cannot connect to broker: Callback handler with support for AuthorizeCallback required
The user can work around the problem by passing the -Dqpid.amqp.version system property to the client, and selecting a protocol < 0-10.
The problem is happening because on the 0-10 code path on the client, the SASL CallbackHandler in use is hardcoded to UsernamePasswordCallbackhandler (ClientDelegate), rather than using the facilities of CallbackHandlerRegistry (as does the 0-8 and 0-9* code paths). CRAM-MD5-HASHED requires the use of a different Callbackhandler.
This also inhibits the use of custom SASL methods by the client.
Attachments
Issue Links
- incorporates
-
QPID-3246 JMS client on 0-10 codepath sets chosen mech to PLAIN by default
- Closed