You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@qpid.apache.org by "jiraposter@reviews.apache.org (JIRA)" <ji...@apache.org> on 2012/05/04 21:42:49 UTC
[jira] [Commented] (QPID-2393) Qpid C++ broker: request for feature
to limit number of queues per user
[ https://issues.apache.org/jira/browse/QPID-2393?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13268660#comment-13268660 ]
jiraposter@reviews.apache.org commented on QPID-2393:
-----------------------------------------------------
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/5015/
-----------------------------------------------------------
Review request for qpid, Alan Conway, Kim van der Riet, and Ted Ross.
Summary
-------
This patch fulfills a long-standing request to keep users from abusing broker queue resources. If a user is allowed to create one queue he then can create them by the thousdands.
The code is more of a quota than an access control but it fits naturally in the current ACL module. The implementation here is queue-centric but could be generalized to support limiting exchanges as well.
A few concerns arise:
1. This code counts/protects live requests coming in to single node. This code does not protect queues that are presisting. The concern is that a user creates his quota of persistent queues and then upon system restart the same user can create another batch of queues since the persisted queues aren't tracked. Is this a vaild concern?
2. The patch provides only a single setting for all users.
3. The patch makes no effort to replicate the queue count state across a cluster. Surely this is a problem for clusters.
This addresses bug QPID-2393.
https://issues.apache.org/jira/browse/QPID-2393
Diffs
-----
trunk/qpid/cpp/src/qpid/acl/Acl.h 1334118
trunk/qpid/cpp/src/qpid/acl/Acl.cpp 1334118
trunk/qpid/cpp/src/qpid/acl/AclPlugin.cpp 1334118
trunk/qpid/cpp/src/qpid/acl/management-schema.xml 1334118
trunk/qpid/cpp/src/qpid/broker/AclModule.h 1334118
trunk/qpid/cpp/src/qpid/broker/Broker.cpp 1334118
trunk/qpid/cpp/src/tests/acl.py 1334118
trunk/qpid/cpp/src/tests/run_acl_tests 1334118
Diff: https://reviews.apache.org/r/5015/diff
Testing
-------
Unit tests included.
Thanks,
Chug
> Qpid C++ broker: request for feature to limit number of queues per user
> -----------------------------------------------------------------------
>
> Key: QPID-2393
> URL: https://issues.apache.org/jira/browse/QPID-2393
> Project: Qpid
> Issue Type: Improvement
> Components: C++ Broker
> Environment: Red Hat Enterprise MRG 1.2
> Reporter: Armin Noll
>
> With issue QPID-2108 (Red Hat service request #1950278) a new feature has been introduced which allows to control via ACL the size of queues and their limit policy on user level.
> The original request contained also the requirement to gain control over the number of queues a user may create.
> ACL should be enhanced to allow specifying a maximum number of queues for a single user.
> Altogether these features shall enable the operator of a Qpid broker to keep better control over the resources.
> We will prepare a draft implementation and provide it asap.
> This request has also been reported as Red Hat service request #1992776.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org