-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/5015/
-----------------------------------------------------------

(Updated 2012-05-15 13:41:01.807339)


Review request for qpid, Alan Conway, Kim van der Riet, and Ted Ross.


Changes
-------

1. User name against whom quotas are taken is stored in queue.settings so that 
it persists in store and across replication. 
2. Queue provides user name accessor methods for QueueRegistry.
3. Queue limits exceeded by 'recovered' events are allowed. There's no proper 
mechanism to dispose/disallow creation of these queues and doing so would 
result in data loss and other issues.
4. This is untested against a store or cluster replication but is ready to go 
for either.


Summary
-------

This patch fulfills a long-standing request to keep users from abusing broker 
queue resources. If a user is allowed to create one queue he then can create 
them by the thousands.

The code is more of a quota than an access control but it fits naturally in the 
current ACL module. The implementation here is queue-centric but could be 
generalized to support limiting exchanges as well.

A few concerns arise:

1. This code counts/protects live requests coming in to a single node. This code 
does not protect queues that are persisting. The concern is that a user creates 
his quota of persistent queues and then upon system restart the same user can 
create another batch of queues since the persisted queues aren't tracked. Is 
this a valid concern?

2. The patch provides only a single setting for all users.

3. The patch makes no effort to replicate the queue count state across a 
cluster. Surely this is a problem for clusters.


This addresses bug QPID-2393.
    https://issues.apache.org/jira/browse/QPID-2393


Diffs (updated)
-----

  trunk/qpid/cpp/src/qpid/acl/Acl.h 1336822 
  trunk/qpid/cpp/src/qpid/acl/Acl.cpp 1336822 
  trunk/qpid/cpp/src/qpid/acl/AclPlugin.cpp 1336822 
  trunk/qpid/cpp/src/qpid/acl/management-schema.xml 1336822 
  trunk/qpid/cpp/src/qpid/broker/AclModule.h 1336822 
  trunk/qpid/cpp/src/qpid/broker/Broker.cpp 1336822 
  trunk/qpid/cpp/src/qpid/broker/Queue.h 1336822 
  trunk/qpid/cpp/src/qpid/broker/Queue.cpp 1336822 
  trunk/qpid/cpp/src/qpid/broker/QueueRegistry.h 1336822 
  trunk/qpid/cpp/src/qpid/broker/QueueRegistry.cpp 1336822 
  trunk/qpid/cpp/src/tests/acl.py 1336822 
  trunk/qpid/cpp/src/tests/run_acl_tests 1336822 

Diff: https://reviews.apache.org/r/5015/diff


Testing
-------

Unit tests included.


Thanks,

Chug
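
An added example, not code from the patch under review: a per-user queue quota in which live create requests are denied at the limit while recovered queues are always admitted but still counted, so a restart does not hand the owner a fresh batch. The class and method names are hypothetical, and it assumes each recovered queue carries its owner's user name, as the change list says queue.settings now does.

```cpp
#include <cstddef>
#include <iostream>
#include <map>
#include <string>

// Hypothetical per-user queue quota tracker (names are not from the Qpid patch).
class QueueQuota {
  public:
    explicit QueueQuota(std::size_t limit) : limit_(limit) {}

    // Live create request: denied once the user is at or over the limit.
    bool approveCreate(const std::string& user) {
        if (count(user) >= limit_) return false;
        ++counts_[user];
        return true;
    }

    // Queue restored from the store or by replication: never rejected, but
    // counted, so the owner's later live requests see the true total.
    void recordRecovered(const std::string& user) { ++counts_[user]; }

    // Queue deleted: release one slot for its owner.
    void recordDelete(const std::string& user) {
        std::map<std::string, std::size_t>::iterator it = counts_.find(user);
        if (it == counts_.end()) return;
        if (--it->second == 0) counts_.erase(it);
    }

    std::size_t count(const std::string& user) const {
        std::map<std::string, std::size_t>::const_iterator it = counts_.find(user);
        return it == counts_.end() ? 0 : it->second;
    }

  private:
    std::size_t limit_;                          // one setting for all users
    std::map<std::string, std::size_t> counts_;  // user name -> live queue count
};

int main() {
    QueueQuota quota(2);  // constructed sample: limit of 2 queues per user
    for (int i = 0; i < 3; ++i) quota.recordRecovered("alice");  // restart recovery
    std::cout << "alice holds " << quota.count("alice") << " recovered queues\n";
    std::cout << "new create allowed: " << quota.approveCreate("alice") << "\n";
    return 0;
}
```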
