You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@qpid.apache.org by "Robbie Gemmell (JIRA)" <ji...@apache.org> on 2012/09/14 13:30:07 UTC

[jira] [Created] (QPID-4308) ACL v2 spec does not allow permissioning of publication to the default exchange

Robbie Gemmell created QPID-4308:
------------------------------------

             Summary: ACL v2 spec does not allow permissioning of publication to the default exchange
                 Key: QPID-4308
                 URL: https://issues.apache.org/jira/browse/QPID-4308
             Project: Qpid
          Issue Type: Bug
          Components: Java Broker
            Reporter: Robbie Gemmell


The ACL v2 spec does not allow appear to allow permissioning of the default exchange. This is okay for BIND/UNBIND operations as the default exchange role is to maintain a list of all queues and should not be directly modifiable by the user.

However, the user does need to be able to permission PUBLISH to the default exchange, but we lack a way to express it as the default exchange has no name that can be referred to in a rule.

At the moment, in the Java Broker at least we can work around:

   1. Explicitly allow all named exchanges.
      acl allow all publish exchange name=amq.direct
      acl allow all publish exchange name=amq.topic
   2. And deny all others (this will include the default exchange)
      acl deny all publish exchange



--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org