qpid-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Fraser Adams <fraser.ad...@blueyonder.co.uk>
Subject Re: Is it possible to set authentication to only authenticate consumers?
Date Sun, 09 Oct 2011 15:33:03 GMT
Gordon Sim wrote:
> On 10/07/2011 05:50 PM, Fraser Adams wrote:
>> What I'd quite like to be able to do is to log, but not deny if a queue
>> is created that's not one of a named set. I'm suspecting that I can't do
>> that with acl and I might have to write a QMF client to do that.
>
> I think you are right, QMF may be the simplest way to go. You can 
> quite easily get events sent out for queue creation and could then 
> check the name against an expected set and log any deviation.
So I gave this a go. This is my very first python program :-)

A bit of "copy and paste" reuse from qpid-printevents and some help from 
Mr Google. It seems to work pretty well - I added some exchangeName 
whitelisting to avoid triggering on the QMF exchanges.

As it's based on qpid-printevents it's QMF1 based which I'm less 
familiar with than QMF2, but as qpid-printevents had all the broker 
reconnection logic in place I thought I'd stick with that for now.

It wasn't quite as easy as just triggering on a couple of events as I 
wanted to log the IP address of the connection and to whitelist against 
exchangeNames, so I needed to trigger on quite a few object properties.

What do you reckon - useful?

As a slight aside... Gordon are there any plans to update qpid-config on 
an official release with your patch that displays the binding.arguments 
if they exist and so make it useful for headers exchange bindings. I've 
got my own patched version, but I'd rather use a vanilla version from a 
release. Similarly qpid-route had a test in place (at the start of the 
addLink() method) to prevent one linking a broker to itself, things work 
fine if I comment out the test. I can't see a good reason for the test - 
or log a warning rather than throw an exception.
Frase

Mime
View raw message