Qpid
  1. Qpid
  2. QPID-3667

Python QMF console can provide the incorrect user-id under some circumstances.

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Minor Minor
    • Resolution: Fixed
    • Affects Version/s: 0.14
    • Fix Version/s: 0.15
    • Labels:
      None

      Description

      If "saslwrapper" is not available, the python console will support ANONYMOUS and PLAIN auth mechanisms. PLAIN requires a username/password be specified in the broker's URL. If the broker only supports ANONYMOUS, the QMF python console will incorrectly set the user-id field of each message to the value that was specified in the URL as if PLAIN was used, even though it probably will not match the ANONYMOUS user.

      This will result in the following exception:

      qpid-stat -c joe/eoj@127.0.0.1:5672
      Failed: SessionException - ExecutionException(error_code=403,
      command_id=serial(29), class_code=0, command_code=0, field_index=0,
      description=u'unauthorized-access: authorised user id : anonymous@QPID but user
      id in message declared as joe (qpid/broker/SemanticState.cpp:473)',
      error_info={}, channel=1, id=serial(2))

        Issue Links

          Activity

          There are no comments yet on this issue.

            People

            • Assignee:
              Ken Giusti
              Reporter:
              Ken Giusti
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development