Overview
The AMQ Protocol specification has not yet formaly formally specified how access control lists should be specified or implemented as a result this is subject to change
The Java Qpid Broker provides an authentication framework based on SASL, that provides the ability to plug in arbitrary user (or more strictly principal) databases and different SASL-compliant mechanisms. This mechanism has been extended as a proof of concept to allow access rights to a virtual host. What this page will present is an extension of this early work to include full access control across all objects in the system.TBC.
SASL/Authentication Design
Qpid Interoperability Documentation : For details on the SASL mechanimsm.
Qpid Design - PrincipalDatabase : The Interface for adding new authentication sources
Qpid Design - Dynamic SASL Mechanisms : How SASL mechanisms are incorporated in the Java broker
Qpid Design - Dynamic SASL Mechanisms : How AMQPLAIN other Qpid specific SASL mechanisms are added to the Java Client.
ACL Plugin Design Details
java ACLPlugin
Continuing work on this design can be found here
Include Page | ||||
---|---|---|---|---|
|