Uploaded image for project: 'Qpid'
  1. Qpid
  2. QPID-6666

When --auth=no is configured, broker offers ANONYMOUS and PLAIN mechanisms

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Open
    • Major
    • Resolution: Unresolved
    • 0.32
    • None
    • C++ Broker
    • None

    Description

      When the auth=no configuration option is in effect (authentication disabled), the broker offers both ANONYMOUS and PLAIN mechanisms over AMQP 0-10 regardless of how SASL is configured outside the broker.
      This can cause problems with clients that choose the PLAIN mechanism and go to lengths (prompting, etc.) to get the username and password only to have them ignored by the broker.
      I think the broker should only offer ANONYMOUS if authentication is disabled.

      Attachments

        Activity

          People

            Unassigned Unassigned
            tross Ted Ross
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated: