Keith Wall created QPID-7246:
--------------------------------
Summary: Make ACL module realm aware
Key: QPID-7246
URL: https://issues.apache.org/jira/browse/QPID-7246
Project: Qpid
Issue Type: Improvement
Components: Java Broker
Reporter: Keith Wall
Fix For: qpid-java-6.1
Make the existing ACL module realm aware.
The parser will need to be adapted to accept realm qualified user/group names.
Currently some symbols, such as the {{=}} and {{/}} within X500 realms will
choke the parser. Perhaps insisting that the name is quoted will help?
To ease upgrade, to allow existing ACL rules files to contain to work without
change, it may be better to allow an ACL rule file to be associated with at
most one authentication provider and at most one group provider. If the ACL
rule is written in term of of the identity without realm, the authorisation
engine would fallback to either of the two associated providers. At
configuration upgrade time, if there is a singleton authentication provider and
singleton group provider, these would be associate with the Access Control
Provider.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org
