You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@qpid.apache.org by kw...@apache.org on 2017/09/29 13:07:42 UTC
qpid-broker-j git commit: QPID-7923: [Java Broker] Improve
virtualhost ACL example
Repository: qpid-broker-j
Updated Branches:
refs/heads/master 2402b6379 -> 6128330d1
QPID-7923: [Java Broker] Improve virtualhost ACL example
Project: http://git-wip-us.apache.org/repos/asf/qpid-broker-j/repo
Commit: http://git-wip-us.apache.org/repos/asf/qpid-broker-j/commit/6128330d
Tree: http://git-wip-us.apache.org/repos/asf/qpid-broker-j/tree/6128330d
Diff: http://git-wip-us.apache.org/repos/asf/qpid-broker-j/diff/6128330d
Branch: refs/heads/master
Commit: 6128330d17326a487e5afba3bb5c1549f8bc79c4
Parents: 2402b63
Author: Keith Wall <kw...@apache.org>
Authored: Fri Sep 29 14:06:29 2017 +0100
Committer: Keith Wall <kw...@apache.org>
Committed: Fri Sep 29 14:06:29 2017 +0100
----------------------------------------------------------------------
.../security/Java-Broker-Security-AccessControlProviders.xml | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/6128330d/doc/java-broker/src/docbkx/security/Java-Broker-Security-AccessControlProviders.xml
----------------------------------------------------------------------
diff --git a/doc/java-broker/src/docbkx/security/Java-Broker-Security-AccessControlProviders.xml b/doc/java-broker/src/docbkx/security/Java-Broker-Security-AccessControlProviders.xml
index 2f7964d..0fecf48 100644
--- a/doc/java-broker/src/docbkx/security/Java-Broker-Security-AccessControlProviders.xml
+++ b/doc/java-broker/src/docbkx/security/Java-Broker-Security-AccessControlProviders.xml
@@ -506,11 +506,15 @@ ACL ALLOW operator INVOKE QUEUE method_name="getMessage*"]]>
</example>
<para>
And the following ACL rule-set is applied to the Virtualhost. The default outcome of the
- Access Control Provider must be <literal>DEFERED</literal>.
+ Access Control Provider must be <literal>DEFERED</literal>. This means that if a request for
+ access is made for which there are no matching rules, the decision will be deferred to the
+ Broker so it can make a decision instead.
</para>
<example>
<title>Worked example 2 - Simple Messaging - Virtualhost ACL rules</title>
<programlisting><![CDATA[
+# Configure the rule-set to DEFER decisions that have no matching rules.
+CONFIG DEFAULTDEFER=TRUE
# Allow client and server to connect to the virtual host.
ACL ALLOW publisher ACCESS VIRTUALHOST
ACL ALLOW consumer ACCESS VIRTUALHOST
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org