diff options
author | Michael Goulish <mgoulish@apache.org> | 2011-07-06 19:28:45 +0000 |
---|---|---|
committer | Michael Goulish <mgoulish@apache.org> | 2011-07-06 19:28:45 +0000 |
commit | 122b2d411f119e4b46b77f20dc5002981db204a8 (patch) | |
tree | ccdb0efbd8f02337591054f0365442ddc98ea346 | |
parent | 12f3f36ce2945dad5498d9a6c587995df4655be6 (diff) | |
download | qpid-python-122b2d411f119e4b46b77f20dc5002981db204a8.tar.gz |
JIRA 3337
no more defaulting to guest/guest username/password
qpidd.sasldb is no longer created -- users who want usernames and passwords in there must create it.
but a local qpidd.sasldb is (before this change) being created for 'make check' testing.
The etc/sasl2/qpidd.conf file now has an explicit mech list -- so we will no longer default to the system-list.
git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1143536 13f79535-47bb-0310-9956-ffa450edef68
-rw-r--r-- | qpid/cpp/etc/Makefile.am | 23 | ||||
-rw-r--r-- | qpid/cpp/etc/qpidd.conf | 2 | ||||
-rw-r--r-- | qpid/cpp/etc/sasl2/qpidd.conf | 5 | ||||
-rw-r--r-- | qpid/cpp/examples/qmf-console/ping.cpp | 4 | ||||
-rw-r--r-- | qpid/cpp/examples/qmf-console/printevents.cpp | 4 | ||||
-rw-r--r-- | qpid/cpp/include/qpid/agent/ManagementAgent.h | 4 | ||||
-rw-r--r-- | qpid/cpp/include/qpid/client/Connection.h | 8 | ||||
-rw-r--r-- | qpid/cpp/src/qpid/agent/ManagementAgentImpl.h | 4 | ||||
-rwxr-xr-x | qpid/cpp/src/tests/cluster_tests.py | 4 |
9 files changed, 16 insertions, 42 deletions
diff --git a/qpid/cpp/etc/Makefile.am b/qpid/cpp/etc/Makefile.am index c91dbcbbad..1e4db561a7 100644 --- a/qpid/cpp/etc/Makefile.am +++ b/qpid/cpp/etc/Makefile.am @@ -30,30 +30,7 @@ nobase_sysconf_DATA = \ qpidd.conf if HAVE_SASL -SASL_DB = qpidd.sasldb - nobase_sysconf_DATA += \ $(SASL_CONF) -sasldbdir = $(localstatedir)/lib/qpidd -sasldb_DATA = $(SASL_DB) - -# Setup the default sasldb file with a single user, guest, with an -# obvious password. This user and password are the default for many -# clients. -# -# The realm specified by -u is very important, and QPID is the default -# for the broker so we use it here. The realm is important because it -# defaults to the local hostname of the machine running the -# broker. This may not seem to bad at first glance, but it means that -# the sasldb has to be tailored to each machine that would be running -# a broker, and if the machine ever changed its name the -# authentication would stop working until the sasldb was updated. For -# these reasons we always want the broker to specify a realm where its -# users live, and we want the users to exist in that realm as well. -$(SASL_DB): - echo guest | $(SASL_PASSWD) -c -p -f $(SASL_DB) -u QPID guest - -CLEANFILES=$(SASL_DB) - endif diff --git a/qpid/cpp/etc/qpidd.conf b/qpid/cpp/etc/qpidd.conf index 8082660f6f..bfe4e38bbd 100644 --- a/qpid/cpp/etc/qpidd.conf +++ b/qpid/cpp/etc/qpidd.conf @@ -21,4 +21,4 @@ # # (Note: no spaces on either side of '='). Using default settings: # "qpidd --help" or "man qpidd" for more details. -cluster-mechanism=ANONYMOUS +cluster-mechanism=DIGEST-MD5 ANONYMOUS diff --git a/qpid/cpp/etc/sasl2/qpidd.conf b/qpid/cpp/etc/sasl2/qpidd.conf index 3197d7792a..d766cb8ef8 100644 --- a/qpid/cpp/etc/sasl2/qpidd.conf +++ b/qpid/cpp/etc/sasl2/qpidd.conf @@ -17,8 +17,8 @@ # under the License. # # -# This configuation allows for either SASL PLAIN or ANONYMOUS -# authentication. The PLAIN authentication is done on a +# This configuation allows for either SASL ANONYMOUS or DIGEST-MD5 +# authentication. The DIGEST-MD5 authentication is done on a # username+password, which is stored in the sasldb_path # file. Usernames and passwords can be added to the file using the # command: @@ -39,6 +39,7 @@ pwcheck_method: auxprop auxprop_plugin: sasldb sasldb_path: /var/lib/qpidd/qpidd.sasldb +mech_list: DIGEST-MD5 ANONYMOUS #following line stops spurious 'sql_select option missing' errors when #cyrus-sql-sasl plugin is installed diff --git a/qpid/cpp/examples/qmf-console/ping.cpp b/qpid/cpp/examples/qmf-console/ping.cpp index fe537d48d2..e6d6d138d5 100644 --- a/qpid/cpp/examples/qmf-console/ping.cpp +++ b/qpid/cpp/examples/qmf-console/ping.cpp @@ -31,9 +31,7 @@ using namespace qpid::console; int main_int(int /*argc*/, char** /*argv*/) { // - // Declare connection settings for the messaging broker. The settings default to - // localhost:5672 with user guest (password guest). Refer to the header file - // <qpid/client/ConnectionSettings.h> for full details. + // Declare connection settings for the messaging broker. // qpid::client::ConnectionSettings connSettings; diff --git a/qpid/cpp/examples/qmf-console/printevents.cpp b/qpid/cpp/examples/qmf-console/printevents.cpp index 3a0a2ab68b..ac3e449a2c 100644 --- a/qpid/cpp/examples/qmf-console/printevents.cpp +++ b/qpid/cpp/examples/qmf-console/printevents.cpp @@ -64,9 +64,7 @@ struct Main { Listener listener; // - // Declare connection settings for the messaging broker. The settings default to - // localhost:5672 with user guest (password guest). Refer to the header file - // <qpid/client/ConnectionSettings.h> for full details. + // Declare connection settings for the messaging broker. // qpid::client::ConnectionSettings connSettings; diff --git a/qpid/cpp/include/qpid/agent/ManagementAgent.h b/qpid/cpp/include/qpid/agent/ManagementAgent.h index e2451244c1..10bc6527a9 100644 --- a/qpid/cpp/include/qpid/agent/ManagementAgent.h +++ b/qpid/cpp/include/qpid/agent/ManagementAgent.h @@ -110,8 +110,8 @@ class ManagementAgent uint16_t intervalSeconds = 10, bool useExternalThread = false, const std::string& storeFile = "", - const std::string& uid = "guest", - const std::string& pwd = "guest", + const std::string& uid = "", + const std::string& pwd = "", const std::string& mech = "PLAIN", const std::string& proto = "tcp") = 0; diff --git a/qpid/cpp/include/qpid/client/Connection.h b/qpid/cpp/include/qpid/client/Connection.h index 2477bf4800..c0db0f301d 100644 --- a/qpid/cpp/include/qpid/client/Connection.h +++ b/qpid/cpp/include/qpid/client/Connection.h @@ -102,8 +102,8 @@ class QPID_CLIENT_CLASS_EXTERN Connection * within a single broker). */ QPID_CLIENT_EXTERN void open(const std::string& host, int port = 5672, - const std::string& uid = "guest", - const std::string& pwd = "guest", + const std::string& uid = "", + const std::string& pwd = "", const std::string& virtualhost = "/", uint16_t maxFrameSize=65535); /** @@ -124,8 +124,8 @@ class QPID_CLIENT_CLASS_EXTERN Connection * within a single broker). */ QPID_CLIENT_EXTERN void open(const Url& url, - const std::string& uid = "guest", - const std::string& pwd = "guest", + const std::string& uid = "", + const std::string& pwd = "", const std::string& virtualhost = "/", uint16_t maxFrameSize=65535); /** diff --git a/qpid/cpp/src/qpid/agent/ManagementAgentImpl.h b/qpid/cpp/src/qpid/agent/ManagementAgentImpl.h index bf340777d1..53f3c13a91 100644 --- a/qpid/cpp/src/qpid/agent/ManagementAgentImpl.h +++ b/qpid/cpp/src/qpid/agent/ManagementAgentImpl.h @@ -62,8 +62,8 @@ class ManagementAgentImpl : public ManagementAgent, public client::MessageListen uint16_t intervalSeconds = 10, bool useExternalThread = false, const std::string& storeFile = "", - const std::string& uid = "guest", - const std::string& pwd = "guest", + const std::string& uid = "", + const std::string& pwd = "", const std::string& mech = "PLAIN", const std::string& proto = "tcp"); void init(const management::ConnectionSettings& settings, diff --git a/qpid/cpp/src/tests/cluster_tests.py b/qpid/cpp/src/tests/cluster_tests.py index bfc44abfef..807e9508c3 100755 --- a/qpid/cpp/src/tests/cluster_tests.py +++ b/qpid/cpp/src/tests/cluster_tests.py @@ -829,8 +829,8 @@ class LongTests(BrokerTest): "--base-name", str(qpid.datatypes.uuid4()), "--port", broker.port()], ["qpid-txtest", "--queue-base-name", "tx-%s"%str(qpid.datatypes.uuid4()), "--port", broker.port()], - ["qpid-queue-stats", "-a", "localhost:%s" %(broker.port())], - ["testagent", "localhost", str(broker.port())] ] + ["qpid-queue-stats", "-a", "localhost:%s" %(broker.port())] + ] clients.append([ClientLoop(broker, cmd) for cmd in cmds]) def start_mclients(broker): |