qpid-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Aidan Skinner <aidan.skin...@gmail.com>
Subject Re: IP white-lists for brokers
Date Mon, 07 Dec 2009 19:54:39 GMT
On Mon, Dec 7, 2009 at 5:16 PM, Rajith Attapattu <rajith77@gmail.com> wrote:

> However I'd like to see similar functionality/behaviour implemented by
> our brokers for a given requirement where possible.
> The Java brokers ip-whitelisting feature is standalone atm.
> So wondering if there is any interest in combining with the ACL, or
> why it wasn't done that way as it maybe due to some factors that I
> have overlooked.
> Also irrespective of how it's implemented I am keen to have the same
> test cases against both brokers to ensure we share the effort.

Martin and I kicked about the idea of integrating the two at one
point, but didn't due to logistical problems with the current ACL
implementation in the Java broker. It seemed to make more sense to do
it as an extension to the shared ACL format, but that patch never
quite seems to go in.

Adding in a "from <netmask/hostname>" would be pretty simple syntax
wise, and similar to what things like PostgreSQL do. It's a shame the
@ syntax is already taken, but nm.

Something like this perhaps?

acl allow user from localhost
acl allow user from 192.168.1.1/24

- Aidan

-- 
Apache Qpid - AMQP, JMS, other messaging love http://qpid.apache.org
"A witty saying proves nothing" - Voltaire

---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project:      http://qpid.apache.org
Use/Interact: mailto:dev-subscribe@qpid.apache.org


Mime
View raw message