Red Hat Bugzilla – Bug 1268433
None of the qpid command line tools work if the broker is configured w/SASL and AMQP1.0
Last modified: 2015-10-08 13:18:12 EDT
Description of problem:
When using AMQP1.0 clients with qpidd and authenticating with SASL DIGEST-MD5 or GSSAPI, the broker's sasl-service-name must be set to "amqp" for the clients to be authorized.
However, this causes the qpid-tools command line tools to fail as they set the sasl service name to 'qpidd'.
How to reproduce:
Configure broker to use SASL with DIGEST-MD5 as the only acceptable mech.
Attempt to run qpid-config against the broker:
qpid-config -b amqp://<user>/<pw>@<hostname:port>
this will fail with an authentication error (check qpidd logs --log-enable info+)
Ugh - forgot the most important part:
set sasl-service-name to amqp in the broker config.
Confirm that AMQP1.0 test clients can authenticate using DIGEST-MD5
Fix pushed upstream - two patches:
Reopening. Andrew has suggested a less intrusive fix.