diff options
| author | Alan Conway <aconway@apache.org> | 2011-12-06 15:56:40 +0000 | 
|---|---|---|
| committer | Alan Conway <aconway@apache.org> | 2011-12-06 15:56:40 +0000 | 
| commit | 50083a9b6553d832856bc7d402dd186f74d80254 (patch) | |
| tree | b6b0c097cd643e51b7c1615e6b2f8c2aca850efa /cpp/src/tests/InitialStatusMap.cpp | |
| parent | efd035d01dd87dd146f3fc6aacabc8c28b10316d (diff) | |
| download | qpid-python-50083a9b6553d832856bc7d402dd186f74d80254.tar.gz | |
QPID-3652: Fix cluster authentication.
Only allow brokers that authenticate as the cluster-username to join a cluster.
New broker first connects to  a cluster broker authenticates as the cluster-username
and sends its CPG member ID to the qpid.cluster-credentials exchange.
The cluster broker that subsequently acts as updater verifies that the credentials are
valid before connecting to give the update.
NOTE 1: If you are using an ACL, the cluster-username must be allowed to
publish to the qpid.cluster-credentials exchange. E.g. in your ACL file:
acl allow foo@QPID publish exchange name=qpid.cluster-credentials
NOTE 2: This changes the cluster initialization protocol, you will
need to restart the cluster with all new version brokers.
git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk/qpid@1210989 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'cpp/src/tests/InitialStatusMap.cpp')
| -rw-r--r-- | cpp/src/tests/InitialStatusMap.cpp | 18 | 
1 files changed, 11 insertions, 7 deletions
| diff --git a/cpp/src/tests/InitialStatusMap.cpp b/cpp/src/tests/InitialStatusMap.cpp index ecbe2d4161..95806737e3 100644 --- a/cpp/src/tests/InitialStatusMap.cpp +++ b/cpp/src/tests/InitialStatusMap.cpp @@ -36,21 +36,25 @@ QPID_AUTO_TEST_SUITE(InitialStatusMapTestSuite)  typedef InitialStatusMap::Status Status; -Status activeStatus(const Uuid& id=Uuid(), const MemberSet& ms=MemberSet()) { +Status activeStatus(const Uuid& id=Uuid(), const MemberSet& ms=MemberSet(), +                    const framing::Array& urls=framing::Array()) +{      return Status(ProtocolVersion(), 0, true, id, STORE_STATE_NO_STORE, Uuid(), -                  encodeMemberSet(ms)); +                  encodeMemberSet(ms), urls);  } -Status newcomerStatus(const Uuid& id=Uuid(), const MemberSet& ms=MemberSet()) { +Status newcomerStatus(const Uuid& id=Uuid(), const MemberSet& ms=MemberSet(), +                      const framing::Array& urls=framing::Array()) +{      return Status(ProtocolVersion(), 0, false, id, STORE_STATE_NO_STORE, Uuid(), -                  encodeMemberSet(ms)); +                  encodeMemberSet(ms), urls);  }  Status storeStatus(bool active, StoreState state, Uuid start=Uuid(), Uuid stop=Uuid(), -                   const MemberSet& ms=MemberSet()) +                   const MemberSet& ms=MemberSet(), const framing::Array& urls=framing::Array())  { -    return Status(ProtocolVersion(), 0, active, start, state, stop,  -                  encodeMemberSet(ms)); +    return Status(ProtocolVersion(), 0, active, start, state, stop, +                  encodeMemberSet(ms), urls);  }  QPID_AUTO_TEST_CASE(testFirstInCluster) { | 
