[jira] Commented: (QPID-2476) Complete ACL implementation for 0-10 code path

Wed, 19 May 2010 05:08:35 -0700 

    [ 
https://issues.apache.org/jira/browse/QPID-2476?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12869108#action_12869108
 ] 

Andrew Kennedy commented on QPID-2476:
--------------------------------------

The patches for QPID-2585 (both), QPID-2581, QPID-2542, QPID-2606 and QPID-1447 
should be applied to test the new ACL mechanism. Apologoies for the large size 
of this update. I am happy to go over the purpose of the files for anyone who 
wants clarification, and I am in the process of writing (more) documentation. 
Also, there is still scope for some implementation details to change in the 
future, based on the outcome of discussions on qpid-dev.

Andrew.

> Complete ACL implementation for 0-10 code path
> ----------------------------------------------
>
>                 Key: QPID-2476
>                 URL: https://issues.apache.org/jira/browse/QPID-2476
>             Project: Qpid
>          Issue Type: New Feature
>          Components: Java Broker
>    Affects Versions: 0.7
>            Reporter: Andrew Kennedy
>             Fix For: 0.7
>
>   Original Estimate: 336h
>  Remaining Estimate: 336h
>
> Complete ACL implementation for 0-10 code path, providing an ACLv2 
> implementation that covers the following features/requirements:
> - Best practice security design
> - Support for roles/groups
> - Appropriate for standard stores for authorisation credentials (e.g. LDAP, 
> Kerberos)
> - Expressable as XML
> - Easy to store/backup/extract ACL config
> - Exception handling catching at point of ACL application and return to 
> client via Connection ExceptionListener with correct error code, log failure 
> in broker
> - No significant performance cost on publish, permissions to be cached
> - Security handled at correct level of abstraction internally
> - Interoperability with existing ACLv2

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project:      http://qpid.apache.org
Use/Interact: mailto:[email protected]

Reply via email to