Description of problem:
Messaging broker permits access the python client without authentication (in fact client uses "ANONYMOUS" mechanism); this behavior is different from C++, C# and Java clients.


In both examples below we're trying to use high level API clients without specification of user / password.

The difference we see is following:
- C++/C# client uses authentication mechanism with userid of logged user (root)
- Python client by default selects ANONYMOUS mechanism


I believe that clients should behave the same way (either both using logged user or ANONYMOUS mechanism)


See below terminal transcript...


Version-Release number of selected component (if applicable):
[root@dhcp-37-203 ~]# rpm -qa | grep qpid | sort
python-qpid-0.7.946106-15.el5
qpid-cpp-client-0.7.946106-28.el5
qpid-cpp-client-devel-0.7.946106-28.el5
qpid-cpp-client-devel-docs-0.7.946106-28.el5
qpid-cpp-client-ssl-0.7.946106-28.el5
qpid-cpp-server-0.7.946106-28.el5
qpid-cpp-server-cluster-0.7.946106-28.el5
qpid-cpp-server-devel-0.7.946106-28.el5
qpid-cpp-server-ssl-0.7.946106-28.el5
qpid-cpp-server-store-0.7.946106-28.el5
qpid-cpp-server-xml-0.7.946106-28.el5
qpid-java-client-0.7.946106-15.el5
qpid-java-common-0.7.946106-15.el5
qpid-java-example-0.7.946106-15.el5
qpid-tools-0.7.946106-12.el5


How reproducible: 
always


Steps to Reproduce: 
see below (Addition info section)

  
Actual results:
Default authentication behaves differently in C++/C# vs. Python.


Expected results:
Default authentication should behave the same way.

Additional info:
See below terminal transcript...

[root@dhcp-37-203 ~]# cat /etc/qpidd.conf

#log-enable=info+
log-enable=debug+
log-to-file=/tmp/qpidd.log
truncate=yes
auth=yes
[root@dhcp-37-203 ~]# 


[root@dhcp-37-203 messaging]# ./spout "AA; {create:sender}"
Please enter your password
Failed to connect (reconnect disabled)
2011-02-09 10:12:10 warning Broker closed connection: 320, connection-forced: Authentication failed

  2011-02-09 10:12:06 debug RECV [127.0.0.1:5672-127.0.0.1:50271] INIT(0-10)
  2011-02-09 10:12:06 debug External ssf=0 and auth=
  2011-02-09 10:12:06 debug min_ssf: 0, max_ssf: 256, external_ssf: 0
  2011-02-09 10:12:06 info SASL: Mechanism list: LOGIN PLAIN ANONYMOUS
  2011-02-09 10:12:06 debug Management object (V1) added: org.apache.qpid.broker:connection:127.0.0.1:5672-127.0.0.1:50271
  2011-02-09 10:12:06 debug SASL: Starting authentication with mechanism: LOGIN
  2011-02-09 10:12:06 debug SASL: sending challenge to client
  2011-02-09 10:12:07 debug Management agent periodic processing: management snapshot: 2 packages, 12 objects (0 deleted), 1 new objects  (0 deleted), 0 pending deletes
  2011-02-09 10:12:07 debug SEND V1 Multicast ContentInd to=console.obj.1.0.org.apache.qpid.broker.broker props=0 stats=1 len=102
  2011-02-09 10:12:07 debug SEND V1 Multicast ContentInd to=console.obj.1.0.org.apache.qpid.broker.connection props=1 stats=1 len=297
  2011-02-09 10:12:07 debug SEND V1 Multicast ContentInd to=console.obj.1.0.org.apache.qpid.broker.exchange props=0 stats=1 len=168
  2011-02-09 10:12:07 debug SEND HeartbeatInd to=console.heartbeat.1.0
  2011-02-09 10:12:10 debug SASL: sending challenge to client
  2011-02-09 10:12:10 info SASL: Authentication failed for root@QPID:SASL(-13): user not found: checkpass failed
  2011-02-09 10:12:10 debug Exception constructed: Authentication failed


[root@dhcp-37-203 api]# ./spout "AAA; {create:sender}"
Message(properties={'spout-id': 'ccb10c16-d3c1-cb44-aef9-5e43d5db7bcc:0'})

  2011-02-09 10:13:26 debug RECV [127.0.0.1:5672-127.0.0.1:50272] INIT(0-10)
  2011-02-09 10:13:26 debug External ssf=0 and auth=
  2011-02-09 10:13:26 debug min_ssf: 0, max_ssf: 256, external_ssf: 0
  2011-02-09 10:13:26 info SASL: Mechanism list: LOGIN PLAIN ANONYMOUS
  2011-02-09 10:13:26 debug Management object (V1) added: org.apache.qpid.broker:connection:127.0.0.1:5672-127.0.0.1:50272
  2011-02-09 10:13:26 debug SASL: Starting authentication with mechanism: ANONYMOUS
  2011-02-09 10:13:26 info 127.0.0.1:5672-127.0.0.1:50272 SASL: Authentication succeeded for: anonymous@QPID