Qpid
  1. Qpid
  2. QPID-3654

ANONYMOUS SASL mechanism does not work on Java client

    Details

    • Type: Bug Bug
    • Status: Resolved
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 0.14, 0.15
    • Fix Version/s: 0.14, 0.15
    • Component/s: Java Client
    • Labels:
      None

      Description

      A trivial program which just tries to make a Connection fails if it uses a connection URL like:
      amqp://anonymous:@client/test?brokerlist='tcp://localhost?sasl_mechs='ANONYMOUS''

      This forces the client to use ANONYMOUS.

      Program snippet:

      import javax.jms.Connection;
      import javax.jms.ConnectionFactory;

      ...

      ConnectionFactory connectionFactory = ...
      Connection connection = connectionFactory.createConnection();
      FAILS HERE ^^^

      With exception:
      org.apache.qpid.transport.ConnectionException: Client and broker have no SASL mechanisms in common. Broker allows : PLAIN DIGEST-MD5 ANONYMOUS LOGIN CRAM-MD5 Client has : [EXTERNAL, GSSAPI, CRAM-MD5-HASHED, CRAM-MD5, AMQPLAIN, PLAIN] Client restricted itself to : ANONYMOUS

      Notice that the client doesn't think it supports ANONYMOUS.

        Activity

        Hide
        Justin Ross added a comment -

        Reviewed by Rajith and approved for 0.14. This addresses a regression versus 0.10.

        Show
        Justin Ross added a comment - Reviewed by Rajith and approved for 0.14. This addresses a regression versus 0.10.
        Hide
        Rajith Attapattu added a comment -

        I think this was overdue. Thanks Andrew for doing this.
        I'm happy to include this for 0.14

        Show
        Rajith Attapattu added a comment - I think this was overdue. Thanks Andrew for doing this. I'm happy to include this for 0.14
        Hide
        Andrew Stitcher added a comment -

        This was caused by omitting the mechanism from the registry of SASL callbackhandlers. Even though the anonymous mechanism never needs any callbacks the registry is used to construct the list of client side mechanisms and to put them in preference order.

        Show
        Andrew Stitcher added a comment - This was caused by omitting the mechanism from the registry of SASL callbackhandlers. Even though the anonymous mechanism never needs any callbacks the registry is used to construct the list of client side mechanisms and to put them in preference order.

          People

          • Assignee:
            Andrew Stitcher
            Reporter:
            Andrew Stitcher
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development