activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Hiram Chirino <hi...@hiramchirino.com>
Subject Re: Apollo: Custom ACL Module
Date Mon, 13 Aug 2012 17:17:52 GMT
Well, we love patches!  If you want to implement a pluggable interface to
the ACL bits please do so and send us a patch.

On Mon, Aug 13, 2012 at 10:48 AM, 梁振警 <liangzhenjing@gmail.com> wrote:

> That might work, but I think it just a "dirty" workaround.
>
> In my system, many clients connect to the server and subscribe a queue,
> and I want  to restricted them CAN ONLY subscribe to a queue belong to
> themselves. If not, a misbehaved client may subscribe to a destination like
> "/queue/**" and "hijack" other clients' messages.
>
> I think if Apollo provides a plug-able interface (like Custom Login
> Module) will resolved this problem.
>
> On Aug 10, 2012, at 8:38 PM, Hiram Chirino <hiram@hiramchirino.com> wrote:
>
> > Well, you could also just run a process which writes a new apollo.xml
> file
> > with the ACL rules queried from the DB periodically but then your
> updating
> > your disk constantly which is not as ideal.
> >
> > On Fri, Aug 10, 2012 at 8:36 AM, Hiram Chirino <hiram@hiramchirino.com
> >wrote:
> >
> >> The one way to you can do it today is to start up apollo as embedded
> >> broker so that you can programatic control of it's configurations.  You
> can
> >> find an example of this at:
> >>
> >>
> >>
> https://github.com/apache/activemq-apollo/blob/trunk/apollo-distro/src/main/release/examples/java-embedded-broker/src/main/java/example/EmbeddedBroker.java
> >>
> >> You then periodically poll your database for all the ACL rules and
> update
> >> the configuration when the the ACL rules.  Apollo is smart enough to
> apply
> >> configuration changes like ACL rule updates without disrupting services.
> >>
> >>
> >> On Fri, Aug 10, 2012 at 4:50 AM, LiANG ZHENJiNG <
> liangzhenjing@gmail.com>wrote:
> >>
> >>> i know i can i that. but what i looking for is a Dynamic ACL solution,
> >>> that means
> >>> i can decide who can access a resource base on some settings saved on
> my
> >>> db.
> >>>
> >>> is there any way to do this?
> >>>
> >>> 在 2012-8-10,4:09,Hiram Chirino <hiram@hiramchirino.com> 写道:
> >>>
> >>>> add:
> >>>>
> >>>> <access_rule allow="12345" action="receive consume" kind="queue"
> >>> id="12345"/>
> >>>>
> >>>>
> >>>> to your xml config.
> >>>>
> >>>> On Thu, Aug 9, 2012 at 8:48 AM, 梁振警 <liangzhenjing@gmail.com>
wrote:
> >>>>
> >>>>> Hi all,
> >>>>>
> >>>>> Is there any way to control wether a user can subscribe to a
> >>> topic/queue?
> >>>>>
> >>>>> for example, I want user (id=12345)  can only subscribe to
> >>> /queue/12345,
> >>>>> is there any to do this?
> >>>>>
> >>>>> --
> >>>>> Zhenjing Liang
> >>>>>
> >>>>>
> >>>>
> >>>>
> >>>> --
> >>>>
> >>>> **
> >>>>
> >>>> *Hiram Chirino*
> >>>>
> >>>> *Software Fellow | FuseSource Corp.*
> >>>>
> >>>> *chirino@fusesource.com | fusesource.com*
> >>>>
> >>>> *skype: hiramchirino | twitter: @hiramchirino<
> >>> http://twitter.com/hiramchirino>
> >>>> *
> >>>>
> >>>> *blog: Hiram Chirino's Bit Mojo <http://hiramchirino.com/blog/>*
> >>>>
> >>>> *
> >>>> *
> >>>>
> >>>> *
> >>>> *
> >>>
> >>
> >>
> >>
> >> --
> >>
> >> **
> >>
> >> *Hiram Chirino*
> >>
> >> *Software Fellow | FuseSource Corp.*
> >>
> >> *chirino@fusesource.com | fusesource.com*
> >>
> >> *skype: hiramchirino | twitter: @hiramchirino<
> http://twitter.com/hiramchirino>
> >> *
> >>
> >> *blog: Hiram Chirino's Bit Mojo <http://hiramchirino.com/blog/>*
> >>
> >> *
> >> *
> >>
> >> *
> >> *
> >>
> >>
> >>
> >
> >
> > --
> >
> > **
> >
> > *Hiram Chirino*
> >
> > *Software Fellow | FuseSource Corp.*
> >
> > *chirino@fusesource.com | fusesource.com*
> >
> > *skype: hiramchirino | twitter: @hiramchirino<
> http://twitter.com/hiramchirino>
> > *
> >
> > *blog: Hiram Chirino's Bit Mojo <http://hiramchirino.com/blog/>*
> >
> > *
> > *
> >
> > *
> > *
>
>


-- 

**

*Hiram Chirino*

*Software Fellow | FuseSource Corp.*

*chirino@fusesource.com | fusesource.com*

*skype: hiramchirino | twitter: @hiramchirino<http://twitter.com/hiramchirino>
*

*blog: Hiram Chirino's Bit Mojo <http://hiramchirino.com/blog/>*

*
*

*
*

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message