QPID-3652: Fix cluster authentication.
Review Request #2988 - Created Dec. 1, 2011 and submitted
QPID-3652: Fix cluster authentication. Only allow brokers that authenticate as the cluster-username to join a cluster. New broker first connects to a cluster broker authenticates as the cluster-username and sends its CPG member ID to the qpid.cluster-credentials exchange. The cluster broker that subsequently acts as updater verifies that the credentials are valid before connecting to give the update. NOTE: If you are using an ACL, the cluster-username must be allowed to publish to the qpid.cluster-credentials exchange. E.g. in your ACL file: acl allow foo@QPID publish exchange name=qpid.cluster-credentials
3 new tests in cluster_tests.py, tested by hand with ANONYMOUS, PLAIN and DIGEST-MD5 mechanisms.
Posted (Dec. 5, 2011, 6:44 p.m.)