qpid-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Chuck Rolke <cro...@redhat.com>
Subject Re: [qpid c++] ACL for writing to an exchange
Date Wed, 01 Mar 2017 20:59:08 GMT
Without the "name" field the ACL rule applies to "AMQP 1.0 establish sender link to queue"
and not to AMQP 0-10 publishing to an exchange.

See the table http://qpid.apache.org/releases/qpid-cpp-1.36.0/cpp-broker/book/chap-Messaging_User_Guide-Security.html#tabl-Messaging_User_Guide-ACL_Syntax-ACL_ActionObject_properties

Section 1.5.2.5 of that document describes auditing your ACL file.


----- Original Message -----
> From: "Jakub Scholz" <jakub@scholz.cz>
> To: users@qpid.apache.org
> Sent: Wednesday, March 1, 2017 2:48:40 PM
> Subject: Re: [qpid c++] ACL for writing to an exchange
> 
> Hi Morgan,
> 
> You might be missing the exchange name. The publish rule should look
> something like this:
> acl allow producer publish exchange name=my_exchange routingkey=myRoutingKey
> 
> But without the logs it is just guessing.
> 
> Jakub
> 
> On Wed, Mar 1, 2017 at 8:13 PM, Morgan Lindqvist <
> morgan.lindqvist@ericsson.com> wrote:
> 
> > Hi All,
> >
> > I have an issue that I can not get working
> >
> > Setup:
> >
> > I have one exchange and three queues connected to it with a filter between
> > the exchange and each queue.
> >
> > The issue I have is to get the users write access to the exchange.
> >
> > acl allow producer access exchange name=nwEx
> > acl allow producer access queue name=nwEx
> > acl allow producer publish exchange routingkey=nwEx
> >
> > This does however not give the users in the "producer" group write access
> > to
> > the exchange. I have tried looking for documentation but failed. Any
> > pointers or examples would be very much appreciated.
> >
> > I do not have the error message available now but it is something like that
> > the user do not have write access to the queues connected to the exchange.
> >
> > /Morgan
> >
> >
> >
> > --
> > View this message in context: http://qpid.2158936.n2.nabble.
> > com/qpid-c-ACL-for-writing-to-an-exchange-tp7659852.html
> > Sent from the Apache Qpid users mailing list archive at Nabble.com.
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscribe@qpid.apache.org
> > For additional commands, e-mail: users-help@qpid.apache.org
> >
> >
> 

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@qpid.apache.org
For additional commands, e-mail: users-help@qpid.apache.org


Mime
View raw message