Details
-
Bug
-
Status: Open
-
Major
-
Resolution: Unresolved
-
0.32
-
None
-
None
Description
When the auth=no configuration option is in effect (authentication disabled), the broker offers both ANONYMOUS and PLAIN mechanisms over AMQP 0-10 regardless of how SASL is configured outside the broker.
This can cause problems with clients that choose the PLAIN mechanism and go to lengths (prompting, etc.) to get the username and password only to have them ignored by the broker.
I think the broker should only offer ANONYMOUS if authentication is disabled.