[ https://issues.apache.org/jira/browse/ARTEMIS-4754?focusedWorklogId=917197&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-917197 ]
ASF GitHub Bot logged work on ARTEMIS-4754: ------------------------------------------- Author: ASF GitHub Bot Created on: 01/May/24 20:46 Start Date: 01/May/24 20:46 Worklog Time Spent: 10m Work Description: tabish121 opened a new pull request, #4916: URL: https://github.com/apache/activemq-artemis/pull/4916 When creating internal temporary queues for the federation control links and the events link we should use a structured naming convention to ease in configuring security for the federation user where all internal names fall under a root prefix which can be used to grant read and write access for the federation user. This change allows security on the wildcarded address "$ACTIVEMQ_ARTEMIS_FEDERATION.#". This change also includes some further restrictions added to federation resources and adds support for wildcarding '$' prefixed addresses. Issue Time Tracking ------------------- Worklog Id: (was: 917197) Remaining Estimate: 0h Time Spent: 10m > Make configuring security for AMQP federation user accounts simpler > ------------------------------------------------------------------- > > Key: ARTEMIS-4754 > URL: https://issues.apache.org/jira/browse/ARTEMIS-4754 > Project: ActiveMQ Artemis > Issue Type: Improvement > Components: AMQP > Affects Versions: 2.33.0 > Reporter: Timothy A. Bish > Assignee: Timothy A. Bish > Priority: Major > Fix For: 2.34.0 > > Time Spent: 10m > Remaining Estimate: 0h > > When creating the user account used to restrict access when securing an AMQP > federation account the currently implementation requires giving the > federation overly broad access so that it can create control and event queues > used for its internal mechanisms. We should make this easier and more narrow > so that a federation user can be granted access to a more limited set of > resources for internal federation mechanics besides access to those addresses > and queues which will be targets of federation. -- This message was sent by Atlassian Jira (v8.20.10#820010)