activemq-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Justin Bertram (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (ARTEMIS-1263) Allow wildcards in security setting's role permissions
Date Fri, 30 Jun 2017 12:37:00 GMT

    [ https://issues.apache.org/jira/browse/ARTEMIS-1263?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16070026#comment-16070026
] 

Justin Bertram commented on ARTEMIS-1263:
-----------------------------------------

What kind of back-end are you using for your user & role information?  Can you not simply
put all the required users into a single role and set the permission for that single role?
 Even if you're using a properties file it should be pretty simple.

> Allow wildcards in security setting's role permissions
> ------------------------------------------------------
>
>                 Key: ARTEMIS-1263
>                 URL: https://issues.apache.org/jira/browse/ARTEMIS-1263
>             Project: ActiveMQ Artemis
>          Issue Type: New Feature
>          Components: Broker
>    Affects Versions: 2.1.0
>            Reporter: Varsha
>            Priority: Minor
>
> Allow wildcard in security setting's role permissions so that all users can perform some
operation and some operations are restricted to users. 
> For example : All users can send messages to queue. However only users who have admin
role can consume messages from queue. 
>      <security-setting match="test_queue">
>         <permission roles="amq_admin" type="createDurableQueue"/>
>         <permission roles="amq_admin" type="deleteDurableQueue"/>
>         <permission roles="amq_admin" type="createNonDurableQueue"/>
>         <permission roles="amq_admin" type="deleteNonDurableQueue"/>
>         <permission roles="amq_admin" type="consume"/>
>         <permission roles="*" type="send"/>
>         <permission roles="amq_admin" type="createAddress"/>
>         <permission roles="amq_admin" type="deleteAddress"/>
>         <permission roles="amq_admin" type="browse"/>
>         <permission roles="amq_admin" type="manage"/>
>       </security-setting>
> Note: Adding all users in role where count is 300+ or disabling security does not seems
to be feasible solution. 



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message