[rabbitmq-discuss] rabbitmq-auth-mechanism-ssl plugin, TCP, SASL EXTERNAL

Simon MacMullen simon at rabbitmq.com
Fri Feb 11 10:29:11 GMT 2011

On 10/02/11 23:45, Warren Smith wrote:
> To make a long story short: Should RabbitMQ be offering SASL EXTERNAL
> when the client connects using TCP (without SSL)? Or is it doing this
> because I’ve made a configuration mistake?

Hmm. That's by design, sort of. The idea is that the server always 
announces the same mechanisms. That may not be ideal, as you've noted.

>  I worked
> around this when using the Java client by creating a class that
> implements SaslConfig that only specifies PLAIN and setSaslConfig() to
> this on the ConnectionFactory.

That sounds like the best thing to do ATM.

I'll have a think about this and see if we can prevent EXTERNAL from 
being announced on non-SSL connections.

Cheers, Simon
Simon MacMullen
Staff Engineer, RabbitMQ
SpringSource, a division of VMware

More information about the rabbitmq-discuss mailing list