qpid-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Oleksandr Rudyy <oru...@gmail.com>
Subject Does Qpid cpp client support authentication with XOAUTH2 SASL mechanism ?
Date Tue, 29 Dec 2020 19:32:32 GMT
Hi folks,

I tried to authenticate a qpid-cpp client using XOAUTH2 SASL mechanism
agains Qpid Broker-J but it did not work for me.

I assumed that cyrus-sasl-xoauth2 (
https://github.com/moriyoshi/cyrus-sasl-xoauth2.git) might work with
qpid-cpp client as its SASL layer is built on top of cyrus-sals.

Thus, I built cyrus-sasl-xoauth2 from sources and installed it on my fedora
33 into /usr/lib/sasl2.

I tried to run client example hello_world using

export QPID_SSL_CERT_DB=sql:./nssdb
export LD_LIBRARY_PATH=/usr/lib/sasl2:.
export QPID_LOG_ENABLE="trace+"

./examples/messaging/hello_world localhost:5671 'test;{create:always}'
'{username:<user id>,password:<access_token>,transport:ssl}'

In the above, i specified my id and access token under <user id> and
<access_token> respectively.

An authentication had failed for me with the following trace logs:

2020-12-29 19:24:45 [Security] debug SslConnector created for 0-10
2020-12-29 19:24:45 [System] info Connecting: 192.168.1.102:5671
2020-12-29 19:24:45 [Client] debug RECV [[192.168.1.102:desktop:5671]]:
INIT(0-10)
2020-12-29 19:24:45 [Security] trace RECV [[192.168.1.102:desktop:5671]]:
Frame[BEbe; channel=0; {ConnectionStartBody:
server-properties={product:V2:7:str16(unknown),qpid.build:V2:7:str16(unknown),qpid.features:[{V2:17:str16(qpid.jms-selector)}]list([{V2:17:str16(qpid.jms-selector)}]),qpid.federation_tag:V2:36:str16(d00c463d-05b4-4f9b-9926-03229b53c8b9),qpid.instance_name:V2:6:str16(Broker),qpid.message_compression_supported:V2:4:str16(true),qpid.queue_lifetime_supported:V2:4:str16(true),qpid.virtualhost_properties_supported:V2:4:str16(true),version:V2:14:str16(9.0.0-SNAPSHOT)};
mechanisms=str16{V2:7:str16(XOAUTH2)}; locales=str16{V2:5:str16(en_US)}; }]
2020-12-29 19:24:45 [Security] debug CyrusSasl::start(XOAUTH2)
2020-12-29 19:24:45 [Security] debug external SSF detected and set to 128
2020-12-29 19:24:45 [Security] debug min_ssf: 0, max_ssf: 256
2020-12-29 19:24:45 [System] debug Exception constructed: Can't
authenticate using XOAUTH2
2020-12-29 19:24:45 [Client] warning Closing connection due to Can't
authenticate using XOAUTH2
2020-12-29 19:24:45 [Security] trace SENT [[192.168.1.102:desktop:5671]]:
Frame[BEbe; channel=0; {ConnectionCloseBody: reply-code=501;
reply-text=Can't authenticate using XOAUTH2; }]
2020-12-29 19:24:45 [Security] trace RECV [[192.168.1.102:desktop:5671]]:
Frame[BEbe; channel=0; {ConnectionCloseOkBody: }]
2020-12-29 19:24:45 [System] debug Exception constructed: Can't
authenticate using XOAUTH2

It seems that XOAUTH2 SASL authentication might not be supported, unless I
am doing something wrong...

Is there any way to make XOAUTH2 authentication working with a qpid-cpp
client?

Kind Regards,
Alex

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message