qpid-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Paolo Patierno <ppatie...@live.com>
Subject SASL mechanism different between 0.9.1 and 0.10
Date Tue, 01 Sep 2015 14:32:36 GMT
Hi all,I noticed the following difference between 0.9.1 and 0.10 and I'm not able to use Qpid
Proton C 0.10 for sending messages to Azure Service Bus (a queue for example).The endpoint
is the same for both :
I'm using the "send" example in the Proton solution (Visual Studio 2015 under Windows 10).
With 0.9.1 the message is sent correctly to the Service Bus queue but it doesn't happen with
version 0.10.
Enabling the PN_TRACE_FRM I can see a big difference ...
With 0.9.1 version the SASL mechanism is PLAIN and it's correct. With 0.10 version the SASL
mechanism is EXTERNAL, so after some messages exchanges I receive the unauthorized access
with a claim needed. It's right because I'm not sending the SAS token to Azure (needed by
the AMQP Claim Based Security specification).
0.9.1 ......
[011FDF28]:  -> SASL
[011FDF28]:0 -> @sasl-init(65) [mechanism=:PLAIN, initial-response=b"\x00RootManageSharedAccessKey\x00<mysecretkey>"]
[011FDF28]:  <- SASL
0.10 ....
[00D9D160]:  -> SASL
[00D9D160]:  <- SASL
[00D9D160]:0 <- @sasl-mechanisms(64) [sasl-server-mechanisms=@PN_SYMBOL[:PLAIN, :EXTERNAL]]
[00D9D160]:0 -> @sasl-init(65) [mechanism=:EXTERNAL, initial-response=b"RootManageSharedAccessKey"]....[00D9D160]:0
<- @detach(22) [handle=0, closed=true, error=@error(29) [condition=:"amqp:unauthorized-access",
="Unauthorized access. 'Send' claim(s) are required to perform this operation. Resource: 'sb://qpidprotontest.servicebus
.windows.net/q1'. TrackingId:c5a321fd35e7461f83846bbcef5e42ff_G34,TimeStamp:9/1/2015 2:12:36
My question is why the two version have these two different behaviors ?It's the client to
propose the PLAIN in 0.9.1 and EXTERNAL in 0.10.
Attached you can find the two different trace (I removed <mysecretkey>).
With these changes seems that the current 0.10 version doesn't work with Azure Service Bus.

Paolo PatiernoSenior Software Engineer

Windows Embedded & IoTMicrosoft Azure Insider 
Twitter : @ppatierno
Linkedin : paolopatierno
Blog : DevExperienceBlog : Embedded101
View raw message