log session sasl auth?
31 views
Skip to first unread message
ralph.p...@gmail.com
Aug 4, 2019, 2:02:50 PM8/4/19
to bus1-devel
Hi,
I‘ve problems connecting to dbus-broker with a dbus-java based app on Fedora 30.
Is there a way to log the authentication process server side?
Thanks.
Kind regards,
Ralph
I‘ve problems connecting to dbus-broker with a dbus-java based app on Fedora 30.
Is there a way to log the authentication process server side?
Thanks.
Kind regards,
Ralph
David Rheinsberg
Aug 6, 2019, 10:52:17 AM8/6/19
to ralph.p...@gmail.com, bus1-devel, Tom Gundersen
Hey
On Sun, Aug 4, 2019 at 8:02 PM <ralph.p...@gmail.com> wrote:
> I‘ve problems connecting to dbus-broker with a dbus-java based app on Fedora 30.
> Is there a way to log the authentication process server side?
There is no such tool. Can you elaborate what the problem is? Do you
have an example we can run ourselves?
Thanks
David
On Sun, Aug 4, 2019 at 8:02 PM <ralph.p...@gmail.com> wrote:
> I‘ve problems connecting to dbus-broker with a dbus-java based app on Fedora 30.
> Is there a way to log the authentication process server side?
have an example we can run ourselves?
Thanks
David
Ralph Plawetzki
Aug 6, 2019, 12:00:31 PM8/6/19
to David Rheinsberg, bus1-devel, Tom Gundersen
Hi David,
thanks, I could strace one of the pids of dbus-broker.
That did the job.
https://github.com/cryptomator/cryptomator/issues/935#issuecomment-518551419
Kind regards,
Ralph
David Rheinsberg
Aug 8, 2019, 6:57:22 AM8/8/19
to Ralph Plawetzki, bus1-devel, Tom Gundersen
Hi
On Tue, Aug 6, 2019 at 6:00 PM Ralph Plawetzki
<ralph.p...@gmail.com> wrote:
> thanks, I could strace one of the pids of dbus-broker.
>
> That did the job.
>
> https://github.com/cryptomator/cryptomator/issues/935#issuecomment-518551419
Yeah, some time ago SASL-EXTERNAL authentication with user-names was
disabled, since it allows clients to deadlock the system. dbus-broker
never even supported it for those reasons. Unfortunately, the
dbus-java client-implementation sometimes falls back to user-names.
This happens when this module is not available:
Class c = Class.forName("com.sun.security.auth.module.UnixSystem");
Reading through the cryptomator issue I suspect that the AppImage
module uses a different java runtime which does not provide this
module. I verified the traces you provided, and they all look correct
and match the behavior the java-dbus code shows.
If you want to verify that this is indeed the issue, you can try
running this snippet manually in the AppImage module and see whether
it fails:
Class c = Class.forName("com.sun.security.auth.module.UnixSystem");
Method m = c.getMethod("getUid");
Object o = c.newInstance();
long uid = (Long) m.invoke(o);
Thanks
David
On Tue, Aug 6, 2019 at 6:00 PM Ralph Plawetzki
<ralph.p...@gmail.com> wrote:
> thanks, I could strace one of the pids of dbus-broker.
>
> That did the job.
>
> https://github.com/cryptomator/cryptomator/issues/935#issuecomment-518551419
disabled, since it allows clients to deadlock the system. dbus-broker
never even supported it for those reasons. Unfortunately, the
dbus-java client-implementation sometimes falls back to user-names.
This happens when this module is not available:
Class c = Class.forName("com.sun.security.auth.module.UnixSystem");
Reading through the cryptomator issue I suspect that the AppImage
module uses a different java runtime which does not provide this
module. I verified the traces you provided, and they all look correct
and match the behavior the java-dbus code shows.
If you want to verify that this is indeed the issue, you can try
running this snippet manually in the AppImage module and see whether
it fails:
Class c = Class.forName("com.sun.security.auth.module.UnixSystem");
Method m = c.getMethod("getUid");
Object o = c.newInstance();
long uid = (Long) m.invoke(o);
Thanks
David
ralph.p...@gmail.com
Aug 8, 2019, 8:35:51 AM8/8/19
to bus1-devel
Hi,
Am Donnerstag, 8. August 2019 12:57:22 UTC+2 schrieb David Rheinsberg:
Yeah, some time ago SASL-EXTERNAL authentication with user-names was
disabled, since it allows clients to deadlock the system. dbus-broker
never even supported it for those reasons. Unfortunately, the
dbus-java client-implementation sometimes falls back to user-names.
This happens when this module is not available:
Class c = Class.forName("com.sun.security.auth.module.UnixSystem");
Thanks for the explanation.
If you want to verify that this is indeed the issue, you can try
running this snippet manually in the AppImage module and see whether
it fails:
Class c = Class.forName("com.sun.security.auth.module.UnixSystem");
Method m = c.getMethod("getUid");
Object o = c.newInstance();
long uid = (Long) m.invoke(o);
Thanks for the hint. I'll use this and explore the AppImage issue further.
Kind regards,
Ralph
Reply all
Reply to author
Forward
0 new messages