You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@qpid.apache.org by "Robbie Gemmell (JIRA)" <ji...@apache.org> on 2012/09/14 13:30:07 UTC
[jira] [Created] (QPID-4308) ACL v2 spec does not allow
permissioning of publication to the default exchange
Robbie Gemmell created QPID-4308:
------------------------------------
Summary: ACL v2 spec does not allow permissioning of publication to the default exchange
Key: QPID-4308
URL: https://issues.apache.org/jira/browse/QPID-4308
Project: Qpid
Issue Type: Bug
Components: Java Broker
Reporter: Robbie Gemmell
The ACL v2 spec does not allow appear to allow permissioning of the default exchange. This is okay for BIND/UNBIND operations as the default exchange role is to maintain a list of all queues and should not be directly modifiable by the user.
However, the user does need to be able to permission PUBLISH to the default exchange, but we lack a way to express it as the default exchange has no name that can be referred to in a rule.
At the moment, in the Java Broker at least we can work around:
1. Explicitly allow all named exchanges.
acl allow all publish exchange name=amq.direct
acl allow all publish exchange name=amq.topic
2. And deny all others (this will include the default exchange)
acl deny all publish exchange
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org