Details
-
New Feature
-
Status: Closed
-
Major
-
Resolution: Fixed
-
None
-
None
Description
We require a feature that allows to restrict on user level the IP addresses from which a user is allowed to connect.
Multiple addresses in CIDR notation are possible per user.
We propose the following solution via rules in the ACL file (see also attached modified source code):
acl <permission>
{<group-name>|<user-name>|"all"}create connection network=<network>
where <network> is a comma separated list of addresses nnn.nnn.nnn.nnn[/nn]
E.g.
acl allow bob@QPID create connection network=192.168.1.0/24
The request has also been reported as service request no 1981258 at Red Hat's support system.
Attachments
Attachments
Issue Links
- is duplicated by
-
QPID-4947 C++ Broker could use ACL to restrict hosts from which a user may connect
- Closed