[jira] Updated: (QPID-2305) Remote IP authentication

Wed, 23 Dec 2009 02:40:03 -0800 

     [ 
https://issues.apache.org/jira/browse/QPID-2305?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Armin Noll updated QPID-2305:
-----------------------------

    Description: 
We require a feature that allows to restrict on user level the IP addresses 
from which a user is allowed to connect.
Multiple addresses in CIDR notation are possible per user.

We propose the following solution via rules in the ACL file (see also attached 
modified source code):

   acl <permission> {<group-name>|<user-name>|"all"} create connection 
network=<network>

where <network> is a comma separated list of addresses nnn.nnn.nnn.nnn[/nn]

E.g.
acl allow b...@qpid create connection network=192.168.1.0/24 


The request has also been reported as service request no 1981258 at Red Hat's 
support system.

  was:
We require a feature that allows to restrict on user level the IP addresses 
from which a user is allowed to connect.
Multiple addresses in CIDR notation are possible per user.

We propose the following solution via rules in the ACL file (see also attached 
modified source code):

   acl <permission> {<group-name>|<user-name>|"all"} create connection 
network=<network>

where <network> is a comma separated list of addresses nnn.nnn.nnn.nnn[/nn]



> Remote IP authentication
> ------------------------
>
>                 Key: QPID-2305
>                 URL: https://issues.apache.org/jira/browse/QPID-2305
>             Project: Qpid
>          Issue Type: New Feature
>          Components: C++ Broker
>            Reporter: Armin Noll
>         Attachments: acldata.cpp, acldata.h, aclmodule.h, 
> connectionhandler.cpp
>
>
> We require a feature that allows to restrict on user level the IP addresses 
> from which a user is allowed to connect.
> Multiple addresses in CIDR notation are possible per user.
> We propose the following solution via rules in the ACL file (see also 
> attached modified source code):
>    acl <permission> {<group-name>|<user-name>|"all"} create connection 
> network=<network>
> where <network> is a comma separated list of addresses nnn.nnn.nnn.nnn[/nn]
> E.g.
> acl allow b...@qpid create connection network=192.168.1.0/24 
> The request has also been reported as service request no 1981258 at Red Hat's 
> support system.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project:      http://qpid.apache.org
Use/Interact: mailto:[email protected]

Reply via email to