[
https://issues.apache.org/jira/browse/QPID-2539?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12866125#action_12866125
]
Andrew Kennedy commented on QPID-2539:
--------------------------------------
RA:
1. I don't think we should deprecate the "group" declarations. I think it's a
very convenient feature and is currently used by several customers that in
production.
2. I am not opposed to having a pluggable external mechanism for configuring
groups. However I am still not clear as to how these groups are tied to the
authentication system. Bear in mind that the users in ACL are authenticated via
our authentication mechanism. So any external mechanism used for the groups
needs to be used in authentication as well. Could you pls clarify this point?
ADK: This is to allow other mechanisms, primarily directory services but also
stand-alone group files, such as the unix /etc/group file. I have no problem
keepin the ability to include groups in the ACL file, I would just like to have
the ability to override this facility and use an external, pluggable mechanism.
In many cases this will be separate from the authentication mechanism by their
very nature - unix passwd and group is an obvious example, as is .htaccess and
tomcat groups. We should continue discussion at QPID-2541 though.
> Update ACL file syntax to be clearer and add extra operations
> -------------------------------------------------------------
>
> Key: QPID-2539
> URL: https://issues.apache.org/jira/browse/QPID-2539
> Project: Qpid
> Issue Type: Sub-task
> Components: Java Broker
> Reporter: Andrew Kennedy
> Fix For: 0.7
>
>
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:dev-subscr...@qpid.apache.org
