JIRA 3337

no more defaulting to guest/guest username/password
qpidd.sasldb is no longer created -- users who want usernames and passwords in there must create it. 
but a local qpidd.sasldb is (before this change) being created for 'make check' testing.
The etc/sasl2/qpidd.conf file now has an explicit mech list -- so we will no longer default to the system-list.



git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1143536 13f79535-47bb-0310-9956-ffa450edef68

9 files changed, 16 insertions, 42 deletions

diff --git a/qpid/cpp/etc/Makefile.am b/qpid/cpp/etc/Makefile.am
index c91dbcbbad..1e4db561a7 100644
--- a/qpid/cpp/etc/Makefile.am
+++ b/qpid/cpp/etc/Makefile.am
@@ -30,30 +30,7 @@ nobase_sysconf_DATA = \
 	qpidd.conf
 
 if HAVE_SASL
-SASL_DB = qpidd.sasldb
-
 nobase_sysconf_DATA += \
 	$(SASL_CONF)
 
-sasldbdir = $(localstatedir)/lib/qpidd
-sasldb_DATA = $(SASL_DB)
-
-# Setup the default sasldb file with a single user, guest, with an
-# obvious password. This user and password are the default for many
-# clients.
-#
-# The realm specified by -u is very important, and QPID is the default
-# for the broker so we use it here. The realm is important because it
-# defaults to the local hostname of the machine running the
-# broker. This may not seem to bad at first glance, but it means that
-# the sasldb has to be tailored to each machine that would be running
-# a broker, and if the machine ever changed its name the
-# authentication would stop working until the sasldb was updated. For
-# these reasons we always want the broker to specify a realm where its
-# users live, and we want the users to exist in that realm as well.
-$(SASL_DB):
-	echo guest | $(SASL_PASSWD) -c -p -f $(SASL_DB) -u QPID guest
-
-CLEANFILES=$(SASL_DB)
-
 endif
diff --git a/qpid/cpp/etc/qpidd.conf b/qpid/cpp/etc/qpidd.conf
index 8082660f6f..bfe4e38bbd 100644
--- a/qpid/cpp/etc/qpidd.conf
+++ b/qpid/cpp/etc/qpidd.conf
@@ -21,4 +21,4 @@
 #
 # (Note: no spaces on either side of '='). Using default settings:
 # "qpidd --help" or "man qpidd" for more details.
-cluster-mechanism=ANONYMOUS
+cluster-mechanism=DIGEST-MD5 ANONYMOUS
diff --git a/qpid/cpp/etc/sasl2/qpidd.conf b/qpid/cpp/etc/sasl2/qpidd.conf
index 3197d7792a..d766cb8ef8 100644
--- a/qpid/cpp/etc/sasl2/qpidd.conf
+++ b/qpid/cpp/etc/sasl2/qpidd.conf
@@ -17,8 +17,8 @@
 # under the License.
 #
 #
-# This configuation allows for either SASL PLAIN or ANONYMOUS
-# authentication. The PLAIN authentication is done on a
+# This configuation allows for either SASL ANONYMOUS or DIGEST-MD5
+# authentication. The DIGEST-MD5 authentication is done on a
 # username+password, which is stored in the sasldb_path
 # file. Usernames and passwords can be added to the file using the
 # command:
@@ -39,6 +39,7 @@
 pwcheck_method: auxprop
 auxprop_plugin: sasldb
 sasldb_path: /var/lib/qpidd/qpidd.sasldb
+mech_list: DIGEST-MD5 ANONYMOUS
 
 #following line stops spurious 'sql_select option missing' errors when
 #cyrus-sql-sasl plugin is installed
diff --git a/qpid/cpp/examples/qmf-console/ping.cpp b/qpid/cpp/examples/qmf-console/ping.cpp
index fe537d48d2..e6d6d138d5 100644
--- a/qpid/cpp/examples/qmf-console/ping.cpp
+++ b/qpid/cpp/examples/qmf-console/ping.cpp
@@ -31,9 +31,7 @@ using namespace qpid::console;
 int main_int(int /*argc*/, char** /*argv*/)
 {
     //
-    // Declare connection settings for the messaging broker.  The settings default to
-    // localhost:5672 with user guest (password guest).  Refer to the header file
-    // <qpid/client/ConnectionSettings.h> for full details.
+    // Declare connection settings for the messaging broker.  
     //
     qpid::client::ConnectionSettings connSettings;
 
diff --git a/qpid/cpp/examples/qmf-console/printevents.cpp b/qpid/cpp/examples/qmf-console/printevents.cpp
index 3a0a2ab68b..ac3e449a2c 100644
--- a/qpid/cpp/examples/qmf-console/printevents.cpp
+++ b/qpid/cpp/examples/qmf-console/printevents.cpp
@@ -64,9 +64,7 @@ struct Main {
         Listener listener;
 
         //
-        // Declare connection settings for the messaging broker.  The settings default to
-        // localhost:5672 with user guest (password guest).  Refer to the header file
-        // <qpid/client/ConnectionSettings.h> for full details.
+        // Declare connection settings for the messaging broker.  
         //
         qpid::client::ConnectionSettings connSettings;
 
diff --git a/qpid/cpp/include/qpid/agent/ManagementAgent.h b/qpid/cpp/include/qpid/agent/ManagementAgent.h
index e2451244c1..10bc6527a9 100644
--- a/qpid/cpp/include/qpid/agent/ManagementAgent.h
+++ b/qpid/cpp/include/qpid/agent/ManagementAgent.h
@@ -110,8 +110,8 @@ class ManagementAgent
                       uint16_t intervalSeconds = 10,
                       bool useExternalThread = false,
                       const std::string& storeFile = "",
-                      const std::string& uid = "guest",
-                      const std::string& pwd = "guest",
+                      const std::string& uid = "",
+                      const std::string& pwd = "",
                       const std::string& mech = "PLAIN",
                       const std::string& proto = "tcp") = 0;
 
diff --git a/qpid/cpp/include/qpid/client/Connection.h b/qpid/cpp/include/qpid/client/Connection.h
index 2477bf4800..c0db0f301d 100644
--- a/qpid/cpp/include/qpid/client/Connection.h
+++ b/qpid/cpp/include/qpid/client/Connection.h
@@ -102,8 +102,8 @@ class QPID_CLIENT_CLASS_EXTERN Connection
      * within a single broker).
      */
     QPID_CLIENT_EXTERN void open(const std::string& host, int port = 5672,
-              const std::string& uid = "guest",
-              const std::string& pwd = "guest",
+              const std::string& uid = "",
+              const std::string& pwd = "",
               const std::string& virtualhost = "/", uint16_t maxFrameSize=65535);
 
     /**
@@ -124,8 +124,8 @@ class QPID_CLIENT_CLASS_EXTERN Connection
      * within a single broker).
      */
     QPID_CLIENT_EXTERN void open(const Url& url,
-              const std::string& uid = "guest",
-              const std::string& pwd = "guest",
+              const std::string& uid = "",
+              const std::string& pwd = "",
               const std::string& virtualhost = "/", uint16_t maxFrameSize=65535);
 
     /**
diff --git a/qpid/cpp/src/qpid/agent/ManagementAgentImpl.h b/qpid/cpp/src/qpid/agent/ManagementAgentImpl.h
index bf340777d1..53f3c13a91 100644
--- a/qpid/cpp/src/qpid/agent/ManagementAgentImpl.h
+++ b/qpid/cpp/src/qpid/agent/ManagementAgentImpl.h
@@ -62,8 +62,8 @@ class ManagementAgentImpl : public ManagementAgent, public client::MessageListen
               uint16_t intervalSeconds = 10,
               bool useExternalThread = false,
               const std::string& storeFile = "",
-              const std::string& uid = "guest",
-              const std::string& pwd = "guest",
+              const std::string& uid = "",
+              const std::string& pwd = "",
               const std::string& mech = "PLAIN",
               const std::string& proto = "tcp");
     void init(const management::ConnectionSettings& settings,
diff --git a/qpid/cpp/src/tests/cluster_tests.py b/qpid/cpp/src/tests/cluster_tests.py
index bfc44abfef..807e9508c3 100755
--- a/qpid/cpp/src/tests/cluster_tests.py
+++ b/qpid/cpp/src/tests/cluster_tests.py
@@ -829,8 +829,8 @@ class LongTests(BrokerTest):
                  "--base-name", str(qpid.datatypes.uuid4()), "--port", broker.port()],
                 ["qpid-txtest", "--queue-base-name", "tx-%s"%str(qpid.datatypes.uuid4()),
                  "--port", broker.port()],
-                ["qpid-queue-stats", "-a", "localhost:%s" %(broker.port())],
-                ["testagent", "localhost", str(broker.port())] ]
+                ["qpid-queue-stats", "-a", "localhost:%s" %(broker.port())]
+                 ]
             clients.append([ClientLoop(broker, cmd) for cmd in cmds])
 
         def start_mclients(broker):