summaryrefslogtreecommitdiff
path: root/qpid/doc/book/src/cpp-broker/Qpid-Interoperability-Documentation.xml
diff options
context:
space:
mode:
Diffstat (limited to 'qpid/doc/book/src/cpp-broker/Qpid-Interoperability-Documentation.xml')
-rw-r--r--qpid/doc/book/src/cpp-broker/Qpid-Interoperability-Documentation.xml377
1 files changed, 0 insertions, 377 deletions
diff --git a/qpid/doc/book/src/cpp-broker/Qpid-Interoperability-Documentation.xml b/qpid/doc/book/src/cpp-broker/Qpid-Interoperability-Documentation.xml
deleted file mode 100644
index 74546693df..0000000000
--- a/qpid/doc/book/src/cpp-broker/Qpid-Interoperability-Documentation.xml
+++ /dev/null
@@ -1,377 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<!--
-
- Licensed to the Apache Software Foundation (ASF) under one
- or more contributor license agreements. See the NOTICE file
- distributed with this work for additional information
- regarding copyright ownership. The ASF licenses this file
- to you under the Apache License, Version 2.0 (the
- "License"); you may not use this file except in compliance
- with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing,
- software distributed under the License is distributed on an
- "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- KIND, either express or implied. See the License for the
- specific language governing permissions and limitations
- under the License.
-
--->
-
-<section role="h2" id="QpidInteroperabilityDocumentation-QpidInteroperabilityDocumentation">
- <title>Qpid Interoperability Documentation</title>
-
- <para>
- This page documents the various interoperable features of the
- Qpid clients.
- </para>
- <section role="h3" id="QpidInteroperabilityDocumentation-SASL"><title>
- SASL
- </title>
-
- <para>
-
- </para>
- <section role="h4" id="QpidInteroperabilityDocumentation-StandardMechanisms"><title>
- Standard
- Mechanisms
- </title>
-
- <para>
- <ulink url="http://en.wikipedia.org/wiki/Simple_Authentication_and_Security_Layer#SASL_mechanisms"/>
- </para><para>
- This table list the various SASL mechanisms that each component
- supports. The version listed shows when this
- functionality was added to the product.
- </para><table><title>SASL Mechanism Support</title><tgroup cols="7">
- <tbody>
- <row>
- <entry>
- Component
- </entry>
- <entry>
- ANONYMOUS
- </entry>
- <entry>
- CRAM-MD5
- </entry>
- <entry>
- DIGEST-MD5
- </entry>
- <entry>
- EXTERNAL
- </entry>
- <entry>
- GSSAPI/Kerberos
- </entry>
- <entry>
- PLAIN
- </entry>
- </row>
- <row>
- <entry>
- C++ Broker
- </entry>
- <entry>
- M3[<xref linkend="QpidInteroperabilityDocumentation-1"/>]
- </entry>
- <entry>
- M3[<xref linkend="QpidInteroperabilityDocumentation-1"/>,<xref linkend="QpidInteroperabilityDocumentation-2"/>]
- </entry>
- <entry>
-  
- </entry>
- <entry>
-  
- </entry>
- <entry>
- M3[<xref linkend="QpidInteroperabilityDocumentation-1"/>,<xref linkend="QpidInteroperabilityDocumentation-2"/>]
- </entry>
- <entry>
- M1
- </entry>
- </row>
- <row>
- <entry>
- C++ Client
- </entry>
- <entry>
- M3[<xref linkend="QpidInteroperabilityDocumentation-1"/>]
- </entry>
- <entry>
-  
- </entry>
- <entry>
-  
- </entry>
- <entry>
-  
- </entry>
- <entry>
-  
- </entry>
- <entry>
- M1
- </entry>
- </row>
- <row>
- <entry>
- Java Broker
- </entry>
- <entry>
-  
- </entry>
- <entry>
- M1
- </entry>
- <entry>
-  
- </entry>
- <entry>
-  
- </entry>
- <entry>
-  
- </entry>
- <entry>
- M1
- </entry>
- </row>
- <row>
- <entry>
- Java Client
- </entry>
- <entry>
-  
- </entry>
- <entry>
- M1
- </entry>
- <entry>
-  
- </entry>
- <entry>
-  
- </entry>
- <entry>
-  
- </entry>
- <entry>
- M1
- </entry>
- </row>
- <row>
- <entry>
- .Net Client
- </entry>
- <entry>
- M2
- </entry>
- <entry>
- M2
- </entry>
- <entry>
- M2
- </entry>
- <entry>
- M2
- </entry>
- <entry>
-  
- </entry>
- <entry>
- M2
- </entry>
- </row>
- <row>
- <entry>
- Python Client
- </entry>
- <entry>
-  
- </entry>
- <entry>
-  
- </entry>
- <entry>
-  
- </entry>
- <entry>
-  
- </entry>
- <entry>
-  
- </entry>
- <entry>
- ?
- </entry>
- </row>
- <row>
- <entry>
- Ruby Client
- </entry>
- <entry>
-  
- </entry>
- <entry>
-  
- </entry>
- <entry>
-  
- </entry>
- <entry>
-  
- </entry>
- <entry>
-  
- </entry>
- <entry>
- ?
- </entry>
- </row>
- </tbody>
- </tgroup></table>
-
- <para id="QpidInteroperabilityDocumentation-1">
- 1: Support for these will be in M3 (currently available on
- trunk).
- </para>
-
- <para id="QpidInteroperabilityDocumentation-2">2: C++ Broker uses <ulink url="http://freshmeat.net/projects/cyrussasl/">Cyrus SASL</ulink> which
- supports CRAM-MD5 and GSSAPI but these have not been tested yet
- </para>
-<!--h4--></section>
-
- <section role="h4" id="QpidInteroperabilityDocumentation-CustomMechanisms"><title>
- Custom
- Mechanisms
- </title>
-
- <para>
- There have been some custom mechanisms added to our
- implementations.
- </para><table><title>SASL Custom Mechanisms</title><tgroup cols="3">
- <tbody>
- <row>
- <entry>
- Component
- </entry>
- <entry>
- AMQPLAIN
- </entry>
- <entry>
- CRAM-MD5-HASHED
- </entry>
- </row>
- <row>
- <entry>
- C++ Broker
- </entry>
- <entry>
-  
- </entry>
- <entry>
-  
- </entry>
- </row>
- <row>
- <entry>
- C++ Client
- </entry>
- <entry>
-  
- </entry>
- <entry>
-  
- </entry>
- </row>
- <row>
- <entry>
- Java Broker
- </entry>
- <entry>
- M1
- </entry>
- <entry>
- M2
- </entry>
- </row>
- <row>
- <entry>
- Java Client
- </entry>
- <entry>
- M1
- </entry>
- <entry>
- M2
- </entry>
- </row>
- <row>
- <entry>
- .Net Client
- </entry>
- <entry>
-  
- </entry>
- <entry>
-  
- </entry>
- </row>
- <row>
- <entry>
- Python Client
- </entry>
- <entry>
- M2
- </entry>
- <entry>
-  
- </entry>
- </row>
- <row>
- <entry>
- Ruby Client
- </entry>
- <entry>
- M2
- </entry>
- <entry>
-  
- </entry>
- </row>
- </tbody>
- </tgroup></table>
-
- <section><title>AMQPLAIN</title>
- <para/>
- </section>
-
- <section><title>CRAM-MD5-HASHED</title>
- <para>
- The Java SASL implementations require that you have the password
- of the user to validate the incoming request. This then means
- that the user's password must be stored on disk. For this to be
- secure either the broker must encrypt the password file or the
- need for the password being stored must be removed.
- </para><para>
- The CRAM-MD5-HASHED SASL plugin removes the need for the plain
- text password to be stored on disk. The mechanism defers all
- functionality to the build in CRAM-MD5 module the only change is
- on the client side where it generates the hash of the password
- and uses that value as the password. This means that the Java
- Broker only need store the password hash on the file system.
- While a one way hash is not very secure compared to other forms
- of encryption in environments where the having the password in
- plain text is unacceptable this will provide and additional layer
- to protect the password. In particular this offers some
- protection where the same password may be shared amongst many
- systems. It offers no real extra protection against attacks on
- the broker (the secret is now the hash rather than the password).
- </para>
- </section>
-<!--h4--></section>
-<!--h3--></section>
-<!--h2--></section>
View Lorry Controller Status