Qpid SASL authentication fails with "connection-forced: Authentication failed"
Environment
- MRG - M
Issue
- Use the following steps to configure sasl :
- Create user 'shadowman' with password 'redhat' @ QPID realm using following command :
\# saslpasswd2 -f /var/lib/qpidd/qpidd.sasldb -u QPID shadowman Password: Again (for verification):
- Verify :
\# sasldblistusers2 -f /var/lib/qpidd/qpidd.sasldb shadowman@QPID: userPassword
- Add the following in /etc/qpidd.conf file :
auth=yes realm=QPID sasl_mechs=PLAIN
- Restart qpidd and run qpid-config to test :
\# qpid-config queues -a shadowman/redhat@localhost --sasl-mechanism=PLAIN Failed: ConnectionFailed: (None, 'connection-forced: Authentication failed')
Resolution
- Check if the file /var/lib/qpidd/qpidd.sasldb is owned by the qpidd user, If not :
\# chown qpidd:qpidd /var/lib/qpidd/qpidd.sasldb
- and then run the following to test :
\# qpid-config queues -a shadowman/redhat@localhost --sasl-mechanism=PLAIN Queue Name Attributes \============================================= amq.topic.queue --durable --file-size=2048 --file-count=5 qmfc-v2-hb-mrg1.9241.1 auto-del excl --limit-policy=ring qmfc-v2-mrg1.9241.1 auto-del excl qmfc-v2-ui-mrg1.9241.1 auto-del excl --limit-policy=ring reply-mrg1.9241.1 auto-del excl topic-mrg1.9241.1 auto-del excl --limit-policy=ring
Diagnostic Steps
- Qpid SASL configuration is given here : Messaging User Guide - Security - User Authentication
This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.
Close
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.