Uploaded image for project: 'Qpid'
  1. Qpid
  2. QPID-3415

CRAM-MD5-HASHED not supported by 0-10 protocol (+ no suppport for custom SASL mechanisms).

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 0.10
    • Fix Version/s: 0.13
    • Component/s: JMS AMQP 0-x
    • Labels:
      None

      Description

      If the Java broker is configured to use the Base64MD5Password password database the Java client is unable to connect even if they use the sasl_mechs broker option in the connection URL (sasl_mechs='CRAM-MD5-HASHED').

      Instead the user sees:

      org.apache.qpid.AMQException: Cannot connect to broker: Callback handler with support for AuthorizeCallback required
      

      The user can work around the problem by passing the -Dqpid.amqp.version system property to the client, and selecting a protocol < 0-10.

      The problem is happening because on the 0-10 code path on the client, the SASL CallbackHandler in use is hardcoded to UsernamePasswordCallbackhandler (ClientDelegate), rather than using the facilities of CallbackHandlerRegistry (as does the 0-8 and 0-9* code paths). CRAM-MD5-HASHED requires the use of a different Callbackhandler.

      This also inhibits the use of custom SASL methods by the client.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                k-wall Keith Wall
                Reporter:
                k-wall Keith Wall
              • Votes:
                0 Vote for this issue
                Watchers:
                0 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: