Details
-
New Feature
-
Status: Closed
-
Major
-
Resolution: Fixed
-
0.14
-
None
Description
In its current form the ACL module is not testable in a customer deployment. The ACL module loads the ACL file and from then on only real-world activity triggers allow and deny decisions.
This feature proposal adds two management methods that are directly tied to the ACL decision Lookup functions. Using them a customer may start a dummy broker process that uses his actual (1) ACL rule file. Then using a management application the customer may fire off a set of lookups against his rule file to see if the ACL rules deliver the intended results.
This feature could also be used to augment the self tests. It is very hard to stage enough driver code to trigger some of the ACL queries. Using the proposed methods then the self test can launch any ACL query directly.
(1) As usual the ACL file must be bent enough to allow 'anonymous' to have access to the management methods