Qpid
  1. Qpid
  2. QPID-4090

Can't connect from Java Client to Java Broker when Broker uses Base64MD5PasswordFilePrincipalDatabase principal database (0-10 protocol only)

    Details

    • Type: Bug Bug
    • Status: Resolved
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 0.17
    • Fix Version/s: 0.17
    • Component/s: Java Broker, Java Client
    • Labels:
      None

      Description

      If I config the Java Broker to use Base64MD5PasswordFilePrincipalDatabase principal database, I am unable to connect from the Java client if I am using the 0-10 protocol.

      The exception seen client side is as follows:

      org.apache.qpid.AMQException: Cannot connect to broker: Callback handler with support for AuthorizeCallback required [error code 320: connection forced]
      	at org.apache.qpid.client.AMQConnectionDelegate_0_10.makeBrokerConnection(AMQConnectionDelegate_0_10.java:239)
      	at org.apache.qpid.client.AMQConnection.makeBrokerConnection(AMQConnection.java:588)
      	at org.apache.qpid.client.AMQConnection.<init>(AMQConnection.java:367)
      	at org.apache.qpid.client.AMQConnectionFactory.createConnection(AMQConnectionFactory.java:121)
      	at org.apache.qpid.example.Hello.runTest(Hello.java:51)
      	at org.apache.qpid.example.Hello.main(Hello.java:40)
      Caused by: org.apache.qpid.transport.ConnectionException: Callback handler with support for AuthorizeCallback required
      	at org.apache.qpid.transport.ConnectionException.rethrow(ConnectionException.java:67)
      	at org.apache.qpid.transport.Connection.connect(Connection.java:269)
      	at org.apache.qpid.client.AMQConnectionDelegate_0_10.makeBrokerConnection(AMQConnectionDelegate_0_10.java:219)
      	... 5 more
      Caused by: org.apache.qpid.transport.ConnectionException: Callback handler with support for AuthorizeCallback required
      	at org.apache.qpid.transport.Connection.closeCode(Connection.java:531)
      	at org.apache.qpid.transport.ConnectionDelegate.connectionClose(ConnectionDelegate.java:75)
      	at org.apache.qpid.transport.ConnectionDelegate.connectionClose(ConnectionDelegate.java:1)
      	at org.apache.qpid.transport.ConnectionClose.dispatch(ConnectionClose.java:91)
      	at org.apache.qpid.transport.ConnectionDelegate.control(ConnectionDelegate.java:49)
      	at org.apache.qpid.transport.ConnectionDelegate.control(ConnectionDelegate.java:1)
      	at org.apache.qpid.transport.Method.delegate(Method.java:163)
      	at org.apache.qpid.transport.Connection.received(Connection.java:376)
      	at org.apache.qpid.transport.Connection.received(Connection.java:1)
      	at org.apache.qpid.transport.network.Assembler.emit(Assembler.java:97)
      	at org.apache.qpid.transport.network.Assembler.assemble(Assembler.java:183)
      	at org.apache.qpid.transport.network.Assembler.frame(Assembler.java:131)
      	at org.apache.qpid.transport.network.Frame.delegate(Frame.java:128)
      	at org.apache.qpid.transport.network.Assembler.received(Assembler.java:102)
      	at org.apache.qpid.transport.network.Assembler.received(Assembler.java:1)
      	at org.apache.qpid.transport.network.InputHandler.next(InputHandler.java:189)
      	at org.apache.qpid.transport.network.InputHandler.received(InputHandler.java:105)
      	at org.apache.qpid.transport.network.InputHandler.received(InputHandler.java:1)
      	at org.apache.qpid.transport.network.io.IoReceiver.run(IoReceiver.java:152)
      	at java.lang.Thread.run(Thread.java:662)
      

      On the server side, I see the client selecting mechanism CRAM-MD5 despite the fact that the server has advertised only CRAM-MD5-HASHED and CRAM-MD5-HEX.

      2012-06-27 10:37:07,432 DEBUG [IoReceiver - /127.0.0.1:37335] (Logger.java:54) - SEND: [conn:72392814] ch=0 ConnectionStart(serverProperties={qpid.federation_tag=20a742d2-22ab-432b-922e-060359332ade, qpid.features=[qpid.jms-selector]}, mechanisms=[CRAM-MD5-HEX, CRAM-MD5-HASHED], locales=[en_US])
      2012-06-27 10:37:07,522 DEBUG [IoReceiver - /127.0.0.1:37335] (Logger.java:54) - RECV: [conn:72392814] ch=0 ConnectionStartOk(clientProperties={product=unknown, qpid.client_version=unknown, platform=Java(TM) SE Runtime Environment, 1.6.0_25-b06, Sun Microsystems Inc., amd64, Linux, 2.6.18-128.7.1.el5, unknown, qpid.session_flow=1, clientName=clientid, qpid.client_pid=19896, qpid.client_process=Qpid Java Client}, mechanism=CRAM-MD5)
      
      

      If I use protocols 0-8...0-9-1, all works well.

        Activity

        Hide
        Keith Wall added a comment -

        On both code paths, the client is correctly selecting from the advertised mechanisms and chooses CRAM-MD5-HASHED.

        On the 0-8..0-9-1 path, it is this name that is used directly to form the client's ConnectionStartOk.

        However, on the 0-10 path, the ConnectionStartOk is created by calling SaslClient.getMechanismName() on the resulting SaslClient. This is where the problem lies: there is no CramMD5HashedClient, the CRAMMD5HashedSaslClientFactory produces a CramMD5Client and CramMD5Client always reports a mechanism name of CRAM-MD5.

        Show
        Keith Wall added a comment - On both code paths, the client is correctly selecting from the advertised mechanisms and chooses CRAM-MD5-HASHED. On the 0-8..0-9-1 path, it is this name that is used directly to form the client's ConnectionStartOk. However, on the 0-10 path, the ConnectionStartOk is created by calling SaslClient.getMechanismName() on the resulting SaslClient. This is where the problem lies: there is no CramMD5HashedClient, the CRAMMD5HashedSaslClientFactory produces a CramMD5Client and CramMD5Client always reports a mechanism name of CRAM-MD5 .
        Hide
        Keith Wall added a comment -

        Patch applied. Hi Robbie, can you please review this change?

        Show
        Keith Wall added a comment - Patch applied. Hi Robbie, can you please review this change?
        Hide
        Robbie Gemmell added a comment -

        Looks ok to me.

        Show
        Robbie Gemmell added a comment - Looks ok to me.

          People

          • Assignee:
            Robbie Gemmell
            Reporter:
            Keith Wall
          • Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development