Description of problem: It is necessary to document all requirements needed for successfull SASL GSSAPI authentication. There is no qpid python client kerberos authentication documentation. Starting from packages needed (python-qpid, saslwrapper, python-saslwrapper), ending in snippet of code, for instance: https://bugzilla.redhat.com/show_bug.cgi?id=581807#c6 Version-Release number of selected component (if applicable): N/A How reproducible: 100% Steps to Reproduce: 1. no python kerberos authentication documentation. Actual results: No qpid python client kerberos authentication documentation. Expected results: There should be qpid python client kerberos authentication documentation. Additional info:
Gordon, Can you please provide further information for documentation? LKB
In section 10.1 add: "To use SASL from the python client, you need to install the python-saslwrapper rpm (and its dependency saslwrapper)." There is no specific code required for GSSAPI anymore with the messaging API in python. After a kinit spout and drain should work providing you use the proper FQDN for the broker. This latter point is the same for all clients and would certainly be worth a note. E.g. in 10.1.2 something like: "Note: when using GSSAPI clients must specify the fully qualified domain name for the broker they are connecting to, which corresponds to the principal created for the qpidd service on that host." There is of course the ability to restrict the sasl mechanisms used on the client. That is documented in the programming guide.
Thanks Gordon.
Requirements needed for successful SASL GSSAPI authentication were added into the Messaging User Guide 2.0 (chapter 10.1). --> VERIFIED