Uploaded image for project: 'Qpid'
  1. Qpid
  2. QPID-3415

CRAM-MD5-HASHED not supported by 0-10 protocol (+ no suppport for custom SASL mechanisms).

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 0.10
    • 0.13
    • JMS AMQP 0-x
    • None

    Description

      If the Java broker is configured to use the Base64MD5Password password database the Java client is unable to connect even if they use the sasl_mechs broker option in the connection URL (sasl_mechs='CRAM-MD5-HASHED').

      Instead the user sees:

      org.apache.qpid.AMQException: Cannot connect to broker: Callback handler with support for AuthorizeCallback required

      The user can work around the problem by passing the -Dqpid.amqp.version system property to the client, and selecting a protocol < 0-10.

      The problem is happening because on the 0-10 code path on the client, the SASL CallbackHandler in use is hardcoded to UsernamePasswordCallbackhandler (ClientDelegate), rather than using the facilities of CallbackHandlerRegistry (as does the 0-8 and 0-9* code paths). CRAM-MD5-HASHED requires the use of a different Callbackhandler.

      This also inhibits the use of custom SASL methods by the client.

      Attachments

        Issue Links

          incorporates

          Improvement - An improvement or enhancement to an existing feature or task. QPID-3246 JMS client on 0-10 codepath sets chosen mech to PLAIN by default

          • Major - Major loss of function.
          • Closed

          Activity

            People

              kwall Keith Wall
              kwall Keith Wall
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: