Don't know if this is a debate or not; these are pieces we all understand and
agree to:

We need to be able to do IP whitelisting
We need to be able to support certain classes of operations
We need vhost
....

In ACLv2 as the C++ broker, most of the cases can be covered
with the config. There is even a patch on JIRA for whitelisting
for the C++ broker (needs tests etc).

The part I am confused about in the thread is the following: why introduce
additional operations to the ACL file format when they can already
be covered with what is already in the format?

I can see why we need to add (vhost, subnetmask) -- no argument there.
owner - I'm not 100% sure on but seems reasonable

I don't see why any of the other additions are needed (config, admin, connect, ...).
I'm not saying we should not cover case x; I just don't see yet why it is not covered
with what is already there.

If we can't cover them with what is there, adding is fine, but I'm not convinced yet that
they are needed to cover any of the cases put forward so far in the JIRA.

Carl.
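To make Carl's point concrete (that cases like "admin" are expressible with the existing allow/deny/group/property rules, first match wins), here is a small evaluator for Qpid C++ broker style ACL rules. This is an added example, not code from Qpid or from anyone on this thread. It assumes only the rule shape `group <name> <members...>` and `acl allow|deny <actor> <action> [<object> [prop=value ...]]`, treats a request that matches no rule as denied (the effect of the conventional trailing `acl deny all all`), and uses constructed user, group, queue and exchange names; real broker property handling (wildcards, owner checks) is not modelled.

```python
"""Toy evaluator for Qpid C++ broker style ACL rules (added example).

Not the broker's code. Assumed rule shape:
    group <name> <user@realm> [<user@realm> ...]
    acl allow|deny <user|group|all> <action|all> [<object|all> [prop=value ...]]
Rules are checked in file order and the first match wins; a request that
matches nothing is denied (what a trailing "acl deny all all" would do).
"""
from typing import Dict, List, NamedTuple, Optional, Set


class Rule(NamedTuple):
    permission: str        # "allow" or "deny"
    actor: str             # user name, group name, or "all"
    action: str            # e.g. "create", "publish", "consume", or "all"
    obj: str               # e.g. "queue", "exchange", or "all"
    props: Dict[str, str]  # extra constraints, e.g. {"name": "trade.in"}


class AclPolicy:
    def __init__(self, text: str) -> None:
        self.groups: Dict[str, Set[str]] = {}
        self.rules: List[Rule] = []
        for lineno, raw in enumerate(text.splitlines(), 1):
            line = raw.split("#", 1)[0].strip()   # drop comments and blanks
            if not line:
                continue
            tokens = line.split()
            if tokens[0] == "group":
                if len(tokens) < 3:
                    raise ValueError(f"line {lineno}: group needs a name and members")
                self.groups.setdefault(tokens[1], set()).update(tokens[2:])
            elif tokens[0] == "acl":
                self.rules.append(self._parse_acl(tokens, lineno))
            else:
                raise ValueError(f"line {lineno}: unknown directive {tokens[0]!r}")

    @staticmethod
    def _parse_acl(tokens: List[str], lineno: int) -> Rule:
        if len(tokens) < 4 or tokens[1] not in ("allow", "deny"):
            raise ValueError(f"line {lineno}: expected 'acl allow|deny <actor> <action> ...'")
        _, permission, actor, action = tokens[:4]
        obj = tokens[4] if len(tokens) > 4 else "all"
        props: Dict[str, str] = {}
        for kv in tokens[5:]:
            if "=" not in kv:
                raise ValueError(f"line {lineno}: property {kv!r} is not key=value")
            key, value = kv.split("=", 1)
            props[key] = value
        return Rule(permission, actor, action, obj, props)

    def _actor_matches(self, rule_actor: str, user: str) -> bool:
        if rule_actor in ("all", user):
            return True
        return user in self.groups.get(rule_actor, set())

    def lookup(self, user: str, action: str, obj: str,
               props: Optional[Dict[str, str]] = None) -> str:
        """Return "allow" or "deny" for the request; the first matching rule wins."""
        props = props or {}
        for rule in self.rules:
            if not self._actor_matches(rule.actor, user):
                continue
            if rule.action not in ("all", action):
                continue
            if rule.obj not in ("all", obj):
                continue
            # Every property named on the rule must be present on the request
            # with the same value; request properties the rule omits are ignored.
            if any(props.get(k) != v for k, v in rule.props.items()):
                continue
            return rule.permission
        return "deny"  # fail closed: nothing matched


# Constructed sample policy; users, groups and object names are made up.
SAMPLE_ACL = """\
group admins  admin@QPID
group traders alice@QPID bob@QPID

# the "admin" case needs no new operation: allow everything to one group
acl allow admins all all
# an earlier, more specific deny wins over the group-wide allow further down
acl deny  bob@QPID consume queue name=trade.in
acl allow traders create  queue name=trade.in
acl allow traders consume queue name=trade.in
acl allow traders publish exchange name=amq.direct routingkey=trade.in
acl deny all all
"""

if __name__ == "__main__":
    policy = AclPolicy(SAMPLE_ACL)
    print(policy.lookup("alice@QPID", "create", "queue", {"name": "trade.in"}))
    print(policy.lookup("bob@QPID", "consume", "queue", {"name": "trade.in"}))
    print(policy.lookup("admin@QPID", "delete", "queue", {"name": "anything"}))
```

Rule order matters: the deny for bob@QPID is placed before the group-wide consume allow, so it takes effect, while alice@QPID, who only matches the group rule, is allowed. Anything not covered falls through to deny.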


On 05/17/2010 11:11 AM, Robert Godfrey wrote:
Sorry to come late to this discussion...  Just thought that I'd add
that in addition to Marnie's points below wrt virtual hosts (which in
themselves should be considered compelling), it is not completely true
to say that AMQP1-0 removes Virtual Hosts, it is just that we say that
if you do them, you should do them in a more "httpd" like way (i.e.
the notion of virtual host is tied into the host name that you believe
you have connected to).

It is still envisioned that in AMQP1-0 a single broker "process" may
be acting as if it were several independent hosts - as to whether you
would wish to manage all the ACLs for the independent hosts in the
same file... that is a different question.  The reason for doing so in
an AMQP0-x broker is that authentication is done *before* selecting
the vhost.  In 1-0 the host would potentially be selected prior to
authentication.

-- Rob

On 14 May 2010 22:33, Marnie McCormack<[email protected]>  wrote:
We have real customer requirements for both the virtual host level ACLs,
where prod deployments restrict incoming clients to one vh only, but allow
all artifacts on that vh for that user. We also need to retain the firewall,
or at least the config/features, since that was a priority feature
enhancement which we need to continue supporting.

Hth,
Marnie

On Tue, May 11, 2010 at 3:37 PM, Rajith Attapattu (JIRA) <[email protected]> wrote:

[ https://issues.apache.org/jira/browse/QPID-2539?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12866162#action_12866162 ]

Rajith Attapattu commented on QPID-2539:
----------------------------------------

1. I can see the value of virtual host for the current setup, but going
forward do we have virtual hosts in AMQP 1.0? So is it worth doing so late
in the game?

I am not opposed to having a virtual host object in the ACL file as the
Java broker is using that.
The c++ broker can easily ignore it.
My question was more about whether it's really worth spending effort on
something that we know won't be there for long.
If you have customer requests for protecting virtual hosts with ACL then it
is fine (although I think this is redundant as the objects within a
virtual host are covered anyway).
But if there is no interest from the users, then I'd say don't bother.

ADK: This is required for the Firewall plugin. Whether the Firewall plugin
is required is another question entirely.

RA: Good question, Aidan and I had discussed on the qpid dev list about
using ACL to validate the IP addresses instead of maintaining a separate
firewall plugin.
The C++ broker does have an outstanding JIRA for something similar
to the firewall plugin which we hope to implement using ACL.
We were planning to have that as an optional feature to ensure
backwards compatibility.

So if you want ACL to restrict IP address you need to explicitly
enable it in the ACL module.
The config option (not the CONFIG object) you talked about is going
to be handy here.

I am a bit swamped these days; hopefully when I get some free time, I will
try to put my thoughts into a wiki page to capture the requirements and
share some ideas with you.
Perhaps then we can open some more concrete JIRAs to focus on those
individual areas.

Update ACL file syntax to be clearer and add extra operations
-------------------------------------------------------------

                 Key: QPID-2539
                 URL: https://issues.apache.org/jira/browse/QPID-2539
             Project: Qpid
          Issue Type: Sub-task
          Components: Java Broker
            Reporter: Andrew Kennedy
             Fix For: 0.7



--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project:      http://qpid.apache.org
Use/Interact: mailto:[email protected]

