Hi,
Using apache artemis 2.50.0 and Artemis Console 1.5.0 - im trying to setup some
"non-admin" users for console.
I added a role named "users", added it to HAWTIO_ROLES inside artemis.profile,
and set up permissions in broker.xml:
<security-settings>
<security-setting match="#">
<permission type="createNonDurableQueue"
roles="amq,manager,producer"/>
<permission type="deleteNonDurableQueue" roles="amq,manager"/>
<permission type="createDurableQueue" roles="amq,manager,producer"/>
<permission type="deleteDurableQueue" roles="amq,manager"/>
<permission type="createAddress" roles="amq,manager,producer"/>
<permission type="deleteAddress" roles="amq,manager"/>
<permission type="consume" roles="amq,manager,consumer"/>
<permission type="browse" roles="amq,manager,consumer,users"/>
<permission type="send" roles="amq,manager,producer"/>
<permission type="manage" roles="amq"/>
</security-setting>
Artemis-roles.properties:
users = user
This is the current config - before this, I added the "users" role to "consume"
and "send" permissions as well.
In all cases, the "user" can login but they can also delete queues and
addresses. Queue-based operations look exactly the same as they do for a user
with amq or manager role.
Can anyone else reproduce?
Gašper Čefarin
T: +386 5 662 2700
E: [email protected]
W: www.actual-it.si<https://www.actual-it.si/>
ACTUAL PRO d.o.o., Ferrarska ulica 14, 6000 Koper - Slovenija
[cid:actual_pro_hor_rgb_72dpi_e2f0ad25-fa2a-42e8-b7fc-f38e9e2722ff.png]
