diff options
| author | Michael Goulish <mgoulish@apache.org> | 2011-08-11 12:49:39 +0000 |
|---|---|---|
| committer | Michael Goulish <mgoulish@apache.org> | 2011-08-11 12:49:39 +0000 |
| commit | 07b24b144736892d4df9b79bd4ae2e518ab93205 (patch) | |
| tree | 4767a70480d60422dd26111681e23c0e968faad3 | |
| parent | afbb72c078507dcd5b9bd286fd17dca2d8f274cb (diff) | |
| download | qpid-python-07b24b144736892d4df9b79bd4ae2e518ab93205.tar.gz | |
two new management properties for connections: the sasl mechanism, and the ssf (security strength factor). also a change to logging level of one message, so that when we see the list of mechanisms, we will always also see which one was chosen.
git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk/qpid@1156604 13f79535-47bb-0310-9956-ffa450edef68
| -rw-r--r-- | cpp/src/qpid/broker/SaslAuthenticator.cpp | 9 | ||||
| -rw-r--r-- | specs/management-schema.xml | 2 |
2 files changed, 10 insertions, 1 deletions
diff --git a/cpp/src/qpid/broker/SaslAuthenticator.cpp b/cpp/src/qpid/broker/SaslAuthenticator.cpp index 07d5045852..12a13ccfe6 100644 --- a/cpp/src/qpid/broker/SaslAuthenticator.cpp +++ b/cpp/src/qpid/broker/SaslAuthenticator.cpp @@ -381,13 +381,17 @@ void CyrusAuthenticator::start(const string& mechanism, const string& response) const char *challenge; unsigned int challenge_len; - QPID_LOG(debug, "SASL: Starting authentication with mechanism: " << mechanism); + // This should be at same debug level as mech list in getMechanisms(). + QPID_LOG(info, "SASL: Starting authentication with mechanism: " << mechanism); int code = sasl_server_start(sasl_conn, mechanism.c_str(), response.size() ? response.c_str() : 0, response.length(), &challenge, &challenge_len); processAuthenticationStep(code, challenge, challenge_len); + qmf::org::apache::qpid::broker::Connection* cnxMgmt = connection.getMgmtObject(); + if ( cnxMgmt ) + cnxMgmt->set_saslMechanism(mechanism); } void CyrusAuthenticator::step(const string& response) @@ -461,6 +465,9 @@ std::auto_ptr<SecurityLayer> CyrusAuthenticator::getSecurityLayer(uint16_t maxFr if (ssf) { securityLayer = std::auto_ptr<SecurityLayer>(new CyrusSecurityLayer(sasl_conn, maxFrameSize)); } + qmf::org::apache::qpid::broker::Connection* cnxMgmt = connection.getMgmtObject(); + if ( cnxMgmt ) + cnxMgmt->set_saslSsf(ssf); return securityLayer; } diff --git a/specs/management-schema.xml b/specs/management-schema.xml index 9f54b0cd31..d43ee1b69c 100644 --- a/specs/management-schema.xml +++ b/specs/management-schema.xml @@ -262,6 +262,8 @@ <property name="remotePid" type="uint32" access="RO" optional="y" desc="Process ID of remote client"/> <property name="remoteParentPid" type="uint32" access="RO" optional="y" desc="Parent Process ID of remote client"/> <property name="shadow" type="bool" access="RO" desc="True for shadow connections"/> + <property name="saslMechanism" type="sstr" access="RO" desc="SASL mechanism"/> + <property name="saslSsf" type="uint16" access="RO" desc="SASL security strength factor"/> <statistic name="closing" type="bool" desc="This client is closing by management request"/> <statistic name="framesFromClient" type="count64"/> <statistic name="framesToClient" type="count64"/> |