( Thanks KennyG for noticing this omission. ) Chapter 8: Broker Federation { We have a new capability that should be mentioned in the doco -- the ability to create inter-broker (federated) routes with SASL security. SASL security can now be added to any type of route, using the new "mechanism" argument to qpid-tool. It determines the SASL mechanism that will be used on the inter-broker connection. The new argument is avaailable in the following variants of the qpid-tool command: dynamic add route add queue add link add ( And it is listed in the qpid-tool help. ) Please note that if you care enough to create secure inter-broker links, then you may also want the qpid-tool itself to use a SASL-secured link when it is talking to the broker. In that case, use the "--client-sasl-mechanism" argument, to determine which SASL mechanism qpid-tool will use. }
Updated flags and target milestone for 2.1
Hi Mick, qpid-tool is currently described in Ch12, Management Tools. Should it be relocated to Chapter 8 with the introduction of this new command, should these details actually be in Chapter 12 or just the above content put into chapter 8? Thanks, Alison
I guess it has to be at least mentioned in the Management Tools section, because that's where you describe what the tool's arguments do. But it should also be described in the chapter where we explain security -- and that chapter is where you should mention the bit about "If you are using qpid-tool to make secure links, then you may also want qpid-tool itself to use a secure link with the --client-sasl-mechanism argument." That's kind of serving-suggestion for how to use qpid-tool in a secure way, and has more to do with security than it does with qpid-tool.
Hi, sorry I missed this. No, unfortunately qpid-tool does not as yet have any way to specify the SASL mechanism. It looks like I was just confused in comment 4, above. I meant to say 'qpid-route'.
Released for MRG 2.2