Uploaded image for project: 'Qpid'
  1. Qpid
  2. QPID-3667

Python QMF console can provide the incorrect user-id under some circumstances.

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Minor
    • Resolution: Fixed
    • 0.14
    • 0.15
    • QMF
    • None

    Description

      If "saslwrapper" is not available, the python console will support ANONYMOUS and PLAIN auth mechanisms. PLAIN requires a username/password be specified in the broker's URL. If the broker only supports ANONYMOUS, the QMF python console will incorrectly set the user-id field of each message to the value that was specified in the URL as if PLAIN was used, even though it probably will not match the ANONYMOUS user.

      This will result in the following exception:

      qpid-stat -c joe/eoj@127.0.0.1:5672
      Failed: SessionException - ExecutionException(error_code=403,
      command_id=serial(29), class_code=0, command_code=0, field_index=0,
      description=u'unauthorized-access: authorised user id : anonymous@QPID but user
      id in message declared as joe (qpid/broker/SemanticState.cpp:473)',
      error_info={}, channel=1, id=serial(2))

      Attachments

        Issue Links

          relates to

          Improvement - An improvement or enhancement to an existing feature or task. QPID-3668 Python console has inconsistent interface to the authenticated user state, depending on whether saslwrapper is used or not.

          • Major - Major loss of function.
          • Closed

          Activity

            People

              kgiusti Ken Giusti
              kgiusti Ken Giusti
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: