Uploaded image for project: 'AMQ Broker'
  1. AMQ Broker
  2. ENTMQBR-6129

AMQ does not return the correct code to MQTT clients on an authentication failure

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Duplicate
    • Icon: Major Major
    • None
    • AMQ 7.9.2.GA
    • mqtt-protocol
    • None
    • False
    • False
    • Hide

      Please find the attached reproducer in the attached maven project (amq-test.tar.bz2). (Please note, I have used Maven to assist with dependency management.)

      Show
      Please find the attached reproducer in the attached maven project (amq-test.tar.bz2). (Please note, I have used Maven to assist with dependency management.)

      The message broker does not comply with the MQTT 3.1.1 specification during an authentication failure. The broker returns an incorrect error code should there be an authentication failure for the MQTT client.

      The broker throws an EOFException with the wrong error code:

      Connection lost (32109) - java.io.EOFException
          at org.eclipse.paho.client.mqttv3.internal.CommsReceiver.run(CommsReceiver.java:197)
          at java.base/java.lang.Thread.run(Thread.java:829)
      Caused by: java.io.EOFException
          at java.base/java.io.DataInputStream.readByte(DataInputStream.java:272)
          at org.eclipse.paho.client.mqttv3.internal.wire.MqttInputStream.readMqttWireMessage(MqttInputStream.java:92)
          at org.eclipse.paho.client.mqttv3.internal.CommsReceiver.run(CommsReceiver.java:137)
          ... 1 more

       

      Table 3.1 (Connect Return code values) in the MQTT 3.1.1 specification outlines the broker must return the value 4should there be an authentication failure.

              rhn-support-jbertram Justin Bertram
              rhn-support-tywickra Tyronne Wickramarathne
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: