THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
Code Block |
---|
user = username[/domain[@realm]] user-list = user1 user2 user3 ... group-name-list = group1 group2 group3 ... group <group-name> = [user-list] [group-name-list] permission = [allow|allow-log|deny|deny-log] action = [consume|publish|create|access|bind|unbind|delete|purge|update] object = [virtualhost|queue|exchange|broker|link|route|method] property = [name|durable|owner|routingkey|passive|autodelete|exclusive|type|alternate|queuename| policytype|schemapackage|schemaclass| queuemaxsizelowerlimit|queuemaxsizeupperlimit| queuemaxcountlowerlimit|queuemaxcountupperlimit| filemaxsizelowerlimit|filemaxsizeupperlimit| filemaxcountlowerlimit|filemaxcountupperlimit] acl permission {<group-name>|<user-name>|"all"} {action|"all"} [object|"all" [property=<property-value>]] quota {connections|queues} N {<group-name>|<user-name>|"all"} [{<group-name>|<user-name>|"all"}] |
...
- If the command line switch '--connection-limit-per-user' is absent and there are no 'quota connections' rules in the ACL file then connection limits are not enforced.
- If the command line switch '--connection-limit-per-user' is present then it assigns an initial value for the pseudo-user 'all'.
- If the ACL file specifies a quota for pseudo user 'all' than that value is applied to all users who are otherwise unnamed in the ACL file.
- Connection quotas for users are registered in order as the rule file is processed. A user may be assigned any number of connection quota values but only the final value is retained and enforced.
- Connection quotas for groups are applied as connection quotas for each individual user in the group at the time the 'quota connections' line is processed.
- Quota values range from 0 to 65530. A value of zero (0) denies connections for that user or group.
Queue quota
Queue quotas work in conjunction with the command line switch '--max-queues-per-user N' to limit users to some number of concurrent queues.
- If the command line switch '--max-queues-per-user' is absent and there are no 'quota queues' rules in the ACL file then queue limits are not enforced.
- If the command line switch '--max-queues-per-user' is present then it assigns an initial value for the pseudo-user 'all'.
- If the ACL file specifies a quota for pseudo user 'all' than that value is applied to all users who are otherwise unnamed in the ACL file.
- Queue quotas for users are registered in order as the rule file is processed. A user may be assigned any number of queue quota values but only the final value is retained and enforced.
- Queue quotas for groups are applied as queue quotas for each individual user in the group at the time the 'quota queues' line is processed.
- Quota values range from 0 to 65530. A value of zero (0) denies queues for that user or group.