[rabbitmq-discuss] Behaviour when connecting with invalid credentials
Matthew Sackman
matthew at lshift.net
Thu May 6 17:39:56 BST 2010
On Thu, May 06, 2010 at 05:25:01PM +0100, David MacIver wrote:
> If you use the Java client and try to connect to the rabbit server
> with bad credentials (e.g. dodgy password, no permissions for the
> vhost, user doesn't exist) you'll see the following:
On 22nd July 2009, at 1:29pm, Tony Garnock-Jones wrote:
> Authentication failures should be signalled to the client, either as
> part of the protocol (e.g. explicit CONNECTION.CLOSE with some error
> code), or through convention by client implementors: if the connection
> is closed during auth exchange, that's a pretty clear signal of auth
> failure, so it should be reported as such to callers.
On 22nd July 2009, at 7:08pm, Matthias Radestock wrote:
> Sending a connection.close would be in direct violation of an explicit
> (and recent) instruction to the contrary in the protocol spec (0-9-1,
> s2.2.4), and could cause (non-rabbit) clients to do all sorts of nasty
> things.
>
> OTOH, as Tony points out, a client detecting a socket closure after it
> has sent a connection.start-ok can fairly safely assume that the
> reason is an authentication failure of some sort. So I suggest we
> change all our clients to report the error with a "likely cause:
> authentication failure" description (there are other possible causes
> as well such as malformed framing, or the server or network dying for
> some unrelated reason).
Matthew
More information about the rabbitmq-discuss
mailing list