On Tue, May 18, 2010 at 7:13 AM, Andrew Kennedy <andrewinternatio...@gmail.com> wrote: > On 17 May 2010 17:43, Carl Trieloff <cctriel...@redhat.com> wrote: >> >> part I am confused about in the thread is the following: Why introduce >> additional opperations to the ACL file format when they can already >> be covered with what is already in the format? >> >> I can see why we need to add (vhost, subnetmask) -- no argument there. >> owner - I'm not 100% sure on but seems reasonable >> >> I don't see why any of the other additions are needed (config, admin, >> connect,..). I'm not saying we should not cover x case, I just don't see >> yet why it is not covered with what is already there. >> >> If we can't cover with what is there, adding is fine, but I'm not convinced >> yet that they are needed to cover any of the cases put forward so far in >> the JIRA. > > OK, the IP whitelisting/firewalling is a separate issue, but here is my > summary of the proposal I have for new ACL methods. I'd appreciate > comments. Also, Rajith, could you append the following text to the wiki > page you're creating, since I don't have access, please? >
Andrew, I have added your proposal and the text you pasted here in https://cwiki.apache.org/confluence/display/qpid/andrew+acl+proposal This page is linked off, https://cwiki.apache.org/confluence/display/qpid/ACL+Design And the above is linked off the developer pages. I will get out my proposal a bit later in the week. Rajith --------------------------------------------------------------------- Apache Qpid - AMQP Messaging Implementation Project: http://qpid.apache.org Use/Interact: mailto:dev-subscr...@qpid.apache.org
