In broker::ConectionHandler, use the security settings, if any,

provided by the transport layer when starting SASL. This allows the SASL mechanism EXTERNAL to be satisfied with SSL transport security. The test, sasl_fed_ex, uses this SASL/SSL security on a federated link between two brokers. git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk/qpid@1050162 13f79535-47bb-0310-9956-ffa450edef68
author: Michael Goulish <mgoulish@apache.org> 2010-12-16 21:10:38 +0000
committer: Michael Goulish <mgoulish@apache.org> 2010-12-16 21:10:38 +0000
commit: 3f6e6e7dd760661b572256f778ff523c3db8ecba (patch)
tree: 2efe67efabf2a011b5aeffd011897ef3008ee953 /cpp/src/qpid
parent: d31ec31c41f54d21afd0c8c0fd0af043eac76216 (diff)
download: qpid-python-3f6e6e7dd760661b572256f778ff523c3db8ecba.tar.gz
2 files changed, 8 insertions, 11 deletions
diff --git a/cpp/src/qpid/broker/ConnectionHandler.cpp b/cpp/src/qpid/broker/ConnectionHandler.cpp
index 9843c16326..3f97e5b9de 100644
--- a/cpp/src/qpid/broker/ConnectionHandler.cpp
+++ b/cpp/src/qpid/broker/ConnectionHandler.cpp
@@ -239,9 +239,9 @@ void ConnectionHandler::Handler::start(const FieldTable& serverProperties,
                                        const framing::Array& /*locales*/)
 {
     string requestedMechanism = connection.getAuthMechanism();
-    string response  = connection.getAuthCredentials();
 
     std::string username = connection.getUsername();
+
     std::string password = connection.getPassword();
     std::string host     = connection.getHost();
     std::string service("qpidd");
@@ -298,19 +298,17 @@ void ConnectionHandler::Handler::start(const FieldTable& serverProperties,
     ft.setInt(QPID_FED_LINK,1);
     ft.setString(QPID_FED_TAG, connection.getBroker().getFederationTag());
 
+    string response;
     if (sasl.get()) {
-        string response =
-            sasl->start ( requestedMechanism.empty()
-                              ? supportedMechanismsList
-                              : requestedMechanism,
-                          getSecuritySettings 
-                              ? getSecuritySettings()
-                              : 0
-                        );
+        const qpid::sys::SecuritySettings& ss = connection.getExternalSecuritySettings();
+        response = sasl->start ( requestedMechanism.empty()
+                                 ? supportedMechanismsList
+                                 : requestedMechanism,
+                                 & ss );
         proxy.startOk ( ft, sasl->getMechanism(), response, en_US );
     }
     else {
-        string response = ((char)0) + username + ((char)0) + password;
+        response = ((char)0) + username + ((char)0) + password;
         proxy.startOk ( ft, requestedMechanism, response, en_US );
     }
 
diff --git a/cpp/src/qpid/broker/ConnectionHandler.h b/cpp/src/qpid/broker/ConnectionHandler.h
index 70882a24e9..b32167669e 100644
--- a/cpp/src/qpid/broker/ConnectionHandler.h
+++ b/cpp/src/qpid/broker/ConnectionHandler.h
@@ -91,7 +91,6 @@ class ConnectionHandler : public framing::FrameHandler
 
         std::auto_ptr<Sasl> sasl;
         typedef boost::function<const qpid::sys::SecuritySettings*()> GetSecuritySettings;
-        GetSecuritySettings  getSecuritySettings;     /* query the transport for its security details */
         std::string saslUserId;
         uint16_t maxFrameSize;
     };
author	Michael Goulish <mgoulish@apache.org>	2010-12-16 21:10:38 +0000
committer	Michael Goulish <mgoulish@apache.org>	2010-12-16 21:10:38 +0000
commit	3f6e6e7dd760661b572256f778ff523c3db8ecba (patch)
tree	2efe67efabf2a011b5aeffd011897ef3008ee953 /cpp/src/qpid
parent	d31ec31c41f54d21afd0c8c0fd0af043eac76216 (diff)
download	qpid-python-3f6e6e7dd760661b572256f778ff523c3db8ecba.tar.gz