Chapter 3. Resolved Issues

ENTMQIC-1014 - CLI tools fail with no useful error in some SASL configurations

By default, even with authenticatePeer: no, previous versions of the router were offering all available SASL mechanisms to clients (unless saslMechanisms was set explicitly) This meant that if GSS mechanisms were enabled on the host for other purposes, but not configured for the router, they would be preferred over the less secure ANONYMOUS mechanism and fail. In the current release, only ANONYMOUS is offered when setting authenticatePeer: no and any client can connect anonymously.