[ https://issues.apache.org/jira/browse/QPID-2539?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12866162#action_12866162 ]
Rajith Attapattu commented on QPID-2539: ---------------------------------------- 1. I can see the value of virtual host for the current setup, but going forward do we have virtual hosts in AMQP 1.0 ? So it worth it doing so late in the game? I am not opposed to having a virtual host object in the ACL file as the Java broker is using that. The c++ broker can easily ignore it. My question was more about whether it's really worth spending effort on something that we know want be there for long. If you have customer requests for protecting virtual hosts with ACL then it is fine (All though I think this is redundant as the objects within a virtual host is covered anyways). But if there is no interest from the users, then I'd say don't bother. ADK: This is required for the Firewall plugin. Whether the Firewall plugin is required is another question entirely. RA: Good question, Aidan and I had discussed on the qpid dev list about using ACL to validate the IP addresses instead of maintaining a separate firewall plugin. The C++ broker does have an outstanding JIRA for something similar to the firewall plugin which we hope to implement using ACL. We were planning to have that as an optional feature to ensure backwards compatibility. So if you want ACL to restrict IP address you need to explicitly enable it in the ACL module. The config option (Not the CONFIG object) you talked about is going to be handy here. I am bit swamped these days, hopefully when I get some free time, I will try to put my thoughts into a wiki page to capture the requirements and share some ideas with you. Perhaps then we can open some more concrete JIRA's to focus on those individual areas. > Update ACL file syntax to be clearer and add extra operations > ------------------------------------------------------------- > > Key: QPID-2539 > URL: https://issues.apache.org/jira/browse/QPID-2539 > Project: Qpid > Issue Type: Sub-task > Components: Java Broker > Reporter: Andrew Kennedy > Fix For: 0.7 > > -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online. --------------------------------------------------------------------- Apache Qpid - AMQP Messaging Implementation Project: http://qpid.apache.org Use/Interact: mailto:dev-subscr...@qpid.apache.org