[ https://issues.apache.org/jira/browse/QPID-2600?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12866580#action_12866580 ]
Rajith Attapattu commented on QPID-2600: ---------------------------------------- Thx good catch ! "user = userna...@domain[/realm]]" should be changed to user = <name> [ /<domain> [ @<realm> ] ] However currently the c++ broker doesn't treat the '@' as optional as we do have the concept of a domain. I know the Java broker doesn't, as it doesn't support GSSAPI etc.. I could probably default to the default-broker-realm if nothing is specified, rather than flag it as an error. The website documentation needs a bit of work for sure :) We are moving the ACL documentation from the wiki to the new doc book format kept in svn. So going forward we can keep them in sync a bit more easily. > ACL policy doesn't permit certain characters in usernames added to groups > ------------------------------------------------------------------------- > > Key: QPID-2600 > URL: https://issues.apache.org/jira/browse/QPID-2600 > Project: Qpid > Issue Type: Bug > Components: C++ Broker > Affects Versions: 0.6 > Reporter: Rajith Attapattu > Assignee: Rajith Attapattu > Priority: Minor > Fix For: 0.7 > > > Description of problem: > Unable to add a host principle to a group, the acl policy file fails to load > and prevents qpidd from running. > I guess this is partly due to us not figuring out what is exactly allowed for > group and usernames. > How reproducible: > Fails every time. > Steps to Reproduce: > 1. Add a host or service principle to a group in the acl file. Something like > this will suffice: > group somegroup host/somemachine.example....@example.com > Actual results: > Failure to start. Error message is: > Daemon startup failed: Could not read ACL file ACL format error: > /etc/qpid/policy.acl:25: Name "host/somemachine.example....@example.com" > contains illegal characters. > Expected results: > Should load and parse the group cleanly. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online. --------------------------------------------------------------------- Apache Qpid - AMQP Messaging Implementation Project: http://qpid.apache.org Use/Interact: mailto:dev-subscr...@qpid.apache.org