qpid-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Pavel Moravec <pmora...@redhat.com>
Subject Configuration of CRAM-MD5 SASL method?
Date Thu, 04 Aug 2011 08:47:13 GMT
Hi all, 
does somebody know how to configure CRAM-MD5 SASL authentication method? I tried the following:


# cat /etc/sasl2/qpidd.conf 
pwcheck_method: auxprop 
auxprop_plugin: sasldb 
sasldb_path: /var/lib/qpidd/qpidd.sasldb 

#following line stops spurious 'sql_select option missing' errors when 
#cyrus-sql-sasl plugin is installed 
sql_select: dummy select 
mech_list: cram-md5 
# qpid-perftest --count 100 --username guest --password guest --mechanism CRAM-MD5 
2011-08-04 10:34:49 warning Broker closed connection: 320, connection-forced: Authentication
failed 

connection-forced: Authentication failed 
# 

qpid debug has: 

2011-08-04 10:33:05 info SASL: Mechanism list: CRAM-MD5 
2011-08-04 10:33:05 debug Management object (V1) added: org.apache.qpid.broker:connection:127.0.0.1:5672-127.0.0.1:54123

2011-08-04 10:33:05 debug SASL: Starting authentication with mechanism: CRAM-MD5 
2011-08-04 10:33:05 warning Failed to retrieve sasl username 
2011-08-04 10:33:05 info SASL: Authentication failed (no username available):SASL(-6): can't
request info until later in exchange: Information that was requested is not yet available.

2011-08-04 10:33:05 debug Exception constructed: Authentication failed 
2011-08-04 10:33:05 warning Failed to retrieve sasl username 

The same (error 320 and SASL(-6)) I received when using Java HelloWorld program specifying
sasl_mechs='CRAM-MD5' . 

Any suggestions what do I wrong? As when I replace "CRAM-MD5" by "DIGEST-MD5" in sasl config
file and perftest command line, the authentication passes.. (well, it does not in Java HelloWorld
program, but that is another story). 

Thanks in advance for your help. 

Kind regards, 
Pavel 

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message