Uploaded image for project: 'AMQ Interconnect'
  1. AMQ Interconnect
  2. ENTMQIC-1014

CLI tools fail with no useful error in some SASL configurations

XMLWordPrintable

    • Release Notes
    • Hide
      By default, even with `authenticatePeer: no`, previous versions of the router were offering all available SASL mechanisms to clients (unless saslMechanisms was set explicitly)
      This meant that if GSS mechanisms were enabled on the host for other purposes, but not configured for the router, they would be preferred over the less secure ANONYMOUS mechanism and fail.
      In the current release, only ANONYMOUS is offered when setting `authenticatePeer: no` and any client can connect anonymously.
      Show
      By default, even with `authenticatePeer: no`, previous versions of the router were offering all available SASL mechanisms to clients (unless saslMechanisms was set explicitly) This meant that if GSS mechanisms were enabled on the host for other purposes, but not configured for the router, they would be preferred over the less secure ANONYMOUS mechanism and fail. In the current release, only ANONYMOUS is offered when setting `authenticatePeer: no` and any client can connect anonymously.
    • Documented as Resolved Issue

      Management tools (qdstat and qdmanage) apparently fail if one has Kerberos set up on the same machine. This was reported upstream as DISPATCH-224.

            rhn-engineering-aconway Alan Conway
            jdanek@redhat.com Jiri Daněk
            Matej Lesko Matej Lesko (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated:
              Resolved: