qpid-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Gordon Sim <g...@redhat.com>
Subject Re: Dispatch: Default value of authenticatePeer
Date Thu, 04 Aug 2016 22:35:11 GMT
On 04/08/16 21:49, Andrew Stitcher wrote:
> Incidentally any connection that bypasses authentication will be
> treated the same as if it connected using the ANONYMOUS mechanism and
> given user name "anonymous". I would expect that this should be used in
> any ACLs in force.

The problem is that you might take steps to disable ANONYMOUS as a 
mechanism, but not realise that there is a backdoor left open by default.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@qpid.apache.org
For additional commands, e-mail: users-help@qpid.apache.org


Mime
View raw message