Uploaded image for project: 'Qpid'
  1. Qpid
  2. QPID-2476

Complete ACL implementation for 0-10 code path

    XMLWordPrintableJSON

Details

    • New Feature
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • 0.7, 0.9
    • None
    • Broker-J

    Description

      Complete ACL implementation for 0-10 code path, providing an ACLv2 implementation that covers the following features/requirements:

      • Best practice security design
      • Support for roles/groups
      • Appropriate for standard stores for authorisation credentials (e.g. LDAP, Kerberos)
      • Expressable as XML
      • Easy to store/backup/extract ACL config
      • Exception handling catching at point of ACL application and return to client via Connection ExceptionListener with correct error code, log failure in broker
      • No significant performance cost on publish, permissions to be cached
      • Security handled at correct level of abstraction internally
      • Interoperability with existing ACLv2

      Attachments

        1. acl.txt
          9 kB
          Andrew Kennedy
        2. method-considered-harmful.txt
          3 kB
          Andrew Kennedy
        3. method-redux.txt
          14 kB
          Andrew Kennedy
        There are no Sub-Tasks for this issue.

        Activity

          People

            Unassigned Unassigned
            andrew.kennedy Andrew Kennedy
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Time Tracking

                Estimated:
                Original Estimate - 336h
                336h
                Remaining:
                Remaining Estimate - 336h
                336h
                Logged:
                Time Spent - Not Specified
                Not Specified