[
https://issues.apache.org/jira/browse/QPID-7921?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16176432#comment-16176432
]
ASF subversion and git services commented on QPID-7921:
-------------------------------------------------------
Commit 0ce2ecd88d2ea5871ed1224080ecae5d6a2d8b50 in qpid-broker-j's branch
refs/heads/master from [~alex.rufous]
[ https://git-wip-us.apache.org/repos/asf?p=qpid-broker-j.git;h=0ce2ecd ]
QPID-7921: [Java Broker] [ACL] Allow managed operation invocation to be
controlled by existing ACL mechanism
> [Java Broker] [ACL] Tactical improvements to ACL to allow managed operation
> invocations to be controlled
> --------------------------------------------------------------------------------------------------------
>
> Key: QPID-7921
> URL: https://issues.apache.org/jira/browse/QPID-7921
> Project: Qpid
> Issue Type: Improvement
> Components: Java Broker
> Affects Versions: qpid-java-broker-7.0.0
> Reporter: Alex Rudyy
>
> The broker users should be able to allow/deny individual management
> operations.
> We need to improve existing rule based ACL controllers to allow specifying
> ACL rules for the managed operations. The proposed ACL rule syntax for the
> method invocations is below:
> {noformat}
> ACL [ALLOW|DENY] principal INVOKE object_type operation_name="myOperation"
> {noformat}
> where object_type is any of below
> * BROKER
> * VIRTUALHOSTNODE
> * VIRTUALHOST
> * QUEUE
> * EXCHANGE
> * USER
> * GROUP
> We do not want to introduce new object types for other broker and virtual
> host children.
> The ACL rule for them can be expressed using object type BROKER or
> VIRTUALHOST accordingly.
> We should still support BIND/UNBIND/SHUTDOWN/PUBLISH syntax for backward
> compatibility.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org
