...
The AMQ Protocol specification has not yet formaly formally specified how access control lists should be specified or implemented as a result this is subject to change
The Java Qpid Broker provides an authentication framework based on SASL, that provides the ability to plug in arbitrary user (or more strictly principal) databases and different SASL-compliant mechanisms. This mechanism has been extended as a proof of concept to allow access rights to a virtual host. What this page will present is an extension of this early work to include full access control across all objects in the system.The current access file would be modified to provide additional objects for control:
SASL/Authentication Design
Qpid Interoperability Documentation : For details on the SASL mechanimsm.
Qpid Design - PrincipalDatabase : The Interface for adding new authentication sources
Qpid Design - Dynamic SASL Mechanisms : How SASL mechanisms are incorporated in the Java broker
Qpid Design - Dynamic SASL Mechanisms : How AMQPLAIN other Qpid specific SASL mechanisms are added to the Java Client.
ACL Design Details
Qpid Design - ACLPlugin
Qpid Java ACL Version 1 Design
Qpid ACL Version 2 Design