qpid-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andrew Kennedy <andrewinternatio...@gmail.com>
Subject Re: Qpid SecurityPlugin "access" and "authorise"
Date Mon, 09 Aug 2010 09:16:22 GMT
Yes,

The original reason was because of the way the Firewall plugin worked,
since it needed a SocketAddress object to work with. On reflection a
single authorise method is better, however it would mean more complex
address processing logic for that callback, and passing the address as
a string, if it is possible to obtain it (since an in-vm broker will
not have a source IP address) and I am also not sure how the method
would handle IPV6 addresses at the moment...

Andrew.
--
-- andrew d kennedy ? edinburgh : +44 7941 197 134

On 8 August 2010 17:10, Robbie Gemmell <robbie.gemmell@gmail.com> wrote:
> Hi Danushka,
>
> I believe that came about due to the completely different interpretation of
> 'access' behaviour between the v1 'Simple XML' and v2 ACL formats. It may be
> possible that the relevant sections could be modified to allow combining the
> two methods, Andrew Kennedy is the person best able to talk about that
> though.
>
> Robbie
>
>> -----Original Message-----
>> From: Danushka Menikkumbura [mailto:danushka.menikkumbura@gmail.com]
>> Sent: 08 August 2010 14:12
>> To: dev@qpid.apache.org
>> Subject: Qpid SecurityPlugin "access" and "authorise"
>>
>> Hi devs,
>>
>> I do not have a clear idea why there are two methods in SecurityPlugin
>> to
>> handle authorization. IMO we should be able to manage with just one
>> method.
>> Probably I am missing something here. Someone please shed some light on
>> this.

---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project:      http://qpid.apache.org
Use/Interact: mailto:dev-subscribe@qpid.apache.org


Mime
View raw message