Versions Compared

Old Version 60

changes.mady.by.user Chuck Rolke

Saved on

compared with

New Version 61

changes.mady.by.user Chuck Rolke

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Add 'quota queues' file syntax from QPID-4604

...

Code Block
user = username[/domain[@realm]]
user-list = user1 user2 user3 ...
group-name-list = group1 group2 group3 ...

group <group-name> = [user-list] [group-name-list]

permission = [allow|allow-log|deny|deny-log]
action = [consume|publish|create|access|bind|unbind|delete|purge|update]
object = [virtualhost|queue|exchange|broker|link|route|method]
property = [name|durable|owner|routingkey|passive|autodelete|exclusive|type|alternate|queuename|
            policytype|schemapackage|schemaclass|
            queuemaxsizelowerlimit|queuemaxsizeupperlimit|
            queuemaxcountlowerlimit|queuemaxcountupperlimit|
            filemaxsizelowerlimit|filemaxsizeupperlimit|
            filemaxcountlowerlimit|filemaxcountupperlimit]

acl permission {<group-name>|<user-name>|"all"} {action|"all"} [object|"all" [property=<property-value>]]

quota {connections|queues} N {<group-name>|<user-name>|"all"} [{<group-name>|<user-name>|"all"}]

...

  • If the command line switch '--connection-limit-per-user' is absent and there are no 'quota connections' rules in the ACL file then connection limits are not enforced.
  • If the command line switch '--connection-limit-per-user' is present then it assigns an initial value for the pseudo-user 'all'.
  • If the ACL file specifies a quota for pseudo user 'all' than that value is applied to all users who are otherwise unnamed in the ACL file.
  • Connection quotas for users are registered in order as the rule file is processed. A user may be assigned any number of connection quota values but only the final value is retained and enforced.
  • Connection quotas for groups are applied as connection quotas for each individual user in the group at the time the 'quota connections' line is processed.
  • Quota values range from 0 to 65530. A value of zero (0) denies connections for that user or group.

Queue quota

Queue quotas work in conjunction with the command line switch '--max-queues-per-user N' to limit users to some number of concurrent queues.

  • If the command line switch '--max-queues-per-user' is absent and there are no 'quota queues' rules in the ACL file then queue limits are not enforced.
  • If the command line switch '--max-queues-per-user' is present then it assigns an initial value for the pseudo-user 'all'.
  • If the ACL file specifies a quota for pseudo user 'all' than that value is applied to all users who are otherwise unnamed in the ACL file.
  • Queue quotas for users are registered in order as the rule file is processed. A user may be assigned any number of queue quota values but only the final value is retained and enforced.
  • Queue quotas for groups are applied as queue quotas for each individual user in the group at the time the 'quota queues' line is processed.
  • Quota values range from 0 to 65530. A value of zero (0) denies queues for that user or group.