qpid-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Gordon Sim <g...@redhat.com>
Subject Re: Creating a queue and bindings from an address in qpid.messaging / AMQP 1.0
Date Thu, 08 Aug 2013 14:34:26 GMT
On 08/08/2013 02:07 PM, Jakub Scholz wrote:
>> What about keeping the UUID but prefixing it with any authenticated
>> userid? That at least means the userid will by default be in the
>> subscription queue names (and easily deducible from container-id), but by
>> default will always be unique also.
> That is definitely better than UUID only.
>>   I'm also wondering whether this isn't also a question of 100 people having
>>> 100 opinions - we might have problem finding something what would fit
>>> everyone.
>> Indeed. However we are only talking about the default. An explicit scheme
>> can always be used by setting the connection option. Obviously this
>> requires clients to adhere to some defined scheme. That seems unavoidable
>> (but would be nice to be able to use ACL to enforce it perhaps, i.e.
>> restrict use of particular container id patterns by user?)
> Yes, that would be very nice. In relation to the default container naming
> as suggested above, without the ACL you can easily "fake" the container
> name to another user.

Maybe the container id is the wrong thing to focus on. Maybe I should 
change the naming scheme for the subscriptions queues to be 
userid.container-id.link-name? That way there is no way to fake the 
association to user in the queue name, and from your original mail it 
sounds like that might be the most important part?

To unsubscribe, e-mail: users-unsubscribe@qpid.apache.org
For additional commands, e-mail: users-help@qpid.apache.org

View raw message