activemq-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Nikola Goran Cutura (JIRA)" <>
Subject [jira] Commented: (AMQ-826) LDAP based authorization support
Date Tue, 24 Oct 2006 21:07:02 GMT
    [ ] 
Nikola Goran Cutura commented on AMQ-826:

I finished improvement together with unit test (running on external ADS). There are two assumptions
I want to confirm:

1. Composite destinations
    ACL set of a composite destination is a union of  ACL sets of each particular destination.
I deduced this from code (DefaultAuthorizationMap) and implemented the same although it does
not seem logical to me. Intersection of sets would be more appropriate, I believe. Should
I implement the intersection or leave the union?

2. Wildcard destinations
    Wildcards are given in authorization policy source (xml map or ldap or...) to allow creation
(primarily) of a destination in a certain namespace. Wildcard is ">" which means any destination.
This meaning is unlimited in depth i.e. "ActiveMQ.Advisory.>" will suffice both for "ActiveMQ.Advisory.Connection"
(> = Connection, same level) and for "ActiveMQ.Advisory.Queue.ABC123" (> = Queue.ABC123,
one level more). Is this correct? Should I leave it as it is or restrict ">" to the same
level only?

> LDAP based authorization support
> --------------------------------
>                 Key: AMQ-826
>                 URL:
>             Project: ActiveMQ
>          Issue Type: Improvement
>            Reporter: james strachan
>         Assigned To: Nikola Goran Cutura
>         Attachments:
> Patch kindly added by ngcutura - discussion thread...

This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators:
For more information on JIRA, see:


View raw message