Uploaded image for project: 'Qpid JMS'
  1. Qpid JMS
  2. QPIDJMS-150

Scram SHA SASL support for authentication

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 0.9.0
    • Component/s: qpid-jms-client
    • Labels:
      None

      Description

      The SCRAM SHA-1 and 256 SASL mechanisms https://tools.ietf.org/html/rfc5802 offer better security than older SASL implementations. In particular the authentication information stored in the authentication database is not sufficient to impersonate the client if the database were to be stolen.

      (The Java Broker already supports these mechanisms. The intention is to switch to recommend SCRAM instead of CRAM-MD5 shortly. One barrier to making this switch is the absence of support in the client).

        Attachments

          Activity

            People

            • Assignee:
              gemmellr Robbie Gemmell
              Reporter:
              k-wall Keith Wall
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: