-
Notifications
You must be signed in to change notification settings - Fork 4.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[QUERY] How do we test for AMQP over TLS? #36838
Comments
Hi @arunprakashn. I'm sorry to say that the approach that you've been using will not validate that AMQP connectivity is possible; the In order to validate AMQP connectivity, you'll need to trigger an AMQP-based operation. My suggestion would be to use the ServiceBusRuleManager, which you can create from the |
Hi @arunprakashn. Thank you for opening this issue and giving us the opportunity to assist. We believe that this has been addressed. If you feel that further discussion is needed, please add a comment with the text "/unresolve" to remove the "issue-addressed" label and continue the conversation. |
Thanks @jsquire I have some follow-up questions-
|
Anything that is accessible from |
@jsquire Thank you. That means if I create a ServiceBusClient and try to send a message to a non-existent queue, it will be using AMQPS and I can catch the exception "MessagingEntityNotFound" and ensure that the AMQPS can happen. If due to network/firewall reasons, then I will be getting "MessagingCommunicationException" Is my understanding correct? I have another observation - In the below code, the error is "MessagingEntityNotFound" exception. Even if I use an incorrect key and keyname, it still correctly tells that the entity is not found. IMHO, if the credentials are incorrect, shouldn't the error be something "BadCredentials" instead of "EntityNotFound". This means, with a valid SB FQDN, I can make multiple calls to probe whether some entity exists or not without proper credentials. Right? I am getting "Unauthorized" only if I use correct queue name.
|
Conceptually, yes - but the details are incorrect. Those exceptions that you're linking are from one of the legacy generation packages, so that statement is not accurate. Please see this section of the Service Bus troubleshooting guide for error specifics.
This is a service behavior and not something that the client can control or influence. When you request a service operation, the service will first attempt to locate the proper node for the entity that you'd like to work against. It does this before it authorizes you, so if you ask for a non-existent entity, then the "not found" will be triggered and authorization is not checked. |
Library name and version
Azure.Messaging.Servicebus 7.14.0
Query/Question
I have an application that uses Azure.Messaging.ServiceBus library to send/receive messages to/from service bus. This application is deployed to various clients.
I was using the previous Microsoft.Azure.ServiceBus nuget and this code is kind of used as a "connectivity check" to inform the users whether their network/firewall configurations are in place.
var serviceBusConnectionStringBuilder = new ServiceBusConnectionStringBuilder(endPoint, queueName, sasToken, Microsoft.Azure.ServiceBus.TransportType.Amqp); ManagementClient client = new ManagementClient(serviceBusConnectionStringBuilder); isExists = client.QueueExistsAsync(queueName).GetAwaiter().GetResult();
The mainstream code to send/receive was upgraded to use Azure.Messaging.ServiceBus and post-upgrade users complained that the connection is not happening. I realized that the AMQP over TLS was denied by the PaloAlto firewall.
Will the "healthcheck" code check for the AMQP over TLS or just the AMQP? If I upgrade the "healthcheck" code also to use the latest sdk, will that try to use AMQP over TLS and can I determine whether AMQPS is enabled in their firewall?
The health-check code just checks for the presence of a queue. Should I make it to "sending a dummy message" to acheive the AMQPS attempt?
Any thoughts?
Environment
No response
The text was updated successfully, but these errors were encountered: