[ https://issues.apache.org/jira/browse/QPID-1626?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Martin Ritchie updated QPID-1626: --------------------------------- Assignee: Aidan Skinner (was: Martin Ritchie) Status: Open (was: Ready To Review) Just a few comments: PluginManager:L131 - Think this should be _securityTracker.open() not a repeat of _exchangeTracker.open() PluginTest - WOuld be good to have a test in here for the securityPlugins. This might have caught the above mistake. ApplicationRegistry:L267: getAccessManager() creates a new one every time rather than returning _accessManager. Exchange/Queue Denier : Would have called them *DeleteDenier just to be clear for testing reuse. AllowAll/*Denier/SimpleXML getPluginName is now nolonger used so it should be removed. AbstractACLPlugin:authoriseCreateExchange still has the Auto-generated code. should it not return DEFAULT_ANSWER? AuthorizationManger is an empty class ACLManagerTest : The assert statements should also have a string parameter to make debugging test failures easier. > Pluggable authorization modules > ------------------------------- > > Key: QPID-1626 > URL: https://issues.apache.org/jira/browse/QPID-1626 > Project: Qpid > Issue Type: Improvement > Components: Java Broker > Reporter: Aidan Skinner > Assignee: Aidan Skinner > Fix For: M5 > > > Authorization is almost, but not quite, pluggable atm. A sketch design is at > http://qpid.apache.org/java-authorization-plugins.html and broadly involves > implementing an AuthorizationManager which talks to a collection of plugins > to authorize requests. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online. --------------------------------------------------------------------- Apache Qpid - AMQP Messaging Implementation Project: http://qpid.apache.org Use/Interact: mailto:dev-subscr...@qpid.apache.org