Red Hat Bugzilla – Bug 1268433
None of the qpid command line tools work if the broker is configured w/SASL and AMQP1.0
Last modified: 2015-10-08 13:18:12 EDT
Description of problem: When using AMQP1.0 clients with qpidd and authenticating with SASL DIGEST-MD5 or GSSAPI, the broker's sasl-service-name must be set to "amqp" for the clients to be authorized. However, this causes the qpid-tools command line tools to fail as they set the sasl service name to 'qpidd'. How to reproduce: Configure broker to use SASL with DIGEST-MD5 as the only acceptable mech. Attempt to run qpid-config against the broker: qpid-config -b amqp://<user>/<pw>@<hostname:port> this will fail with an authentication error (check qpidd logs --log-enable info+)
Ugh - forgot the most important part: set sasl-service-name to amqp in the broker config. Confirm that AMQP1.0 test clients can authenticate using DIGEST-MD5
Fix pushed upstream - two patches: https://svn.apache.org/viewvc?view=revision&revision=r1706480 https://svn.apache.org/viewvc?view=revision&revision=r1706484
Reopening. Andrew has suggested a less intrusive fix.