qpid-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Gordon Sim <g...@redhat.com>
Subject Re: Is it possible to set authentication to only authenticate consumers?
Date Fri, 07 Oct 2011 12:17:30 GMT
On 10/07/2011 12:50 PM, Pavel Moravec wrote:
> qpidd chooses from the available mechanisms the most secure (from available) every time,
when possible. I think SASL library itself does not have a priority list itself, the decision
is made by qpidd only.

Actually I think it is the other way around. There is no logic in qpidd 
(or the cyrus-sasl based clients) to prioritise mechanisms. The user can 
configure what the client and broker will support, but its the 
underlying sasl library that picks one if there is more than one 
mutually acceptable option. The choice is I think based on the perceived 
security provided and certainly isn't controlled by the order used in 
the mech_list.

Apache Qpid - AMQP Messaging Implementation
Project:      http://qpid.apache.org
Use/Interact: mailto:users-subscribe@qpid.apache.org

View raw message