-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/64645/
-----------------------------------------------------------
(Updated Dec. 15, 2017, 6:20 p.m.)
Review request for qpid, Chug Rolke, Ganesh Murthy, and Ted Ross.
Changes
-------
Updated to always use the permissions from the auth service even if config
based policy is also in place (this is one option, an alternative could be to
always overwrite any auth service policies from config or to somehow try and
combine them)
Bugs: DISPATCH-901
https://issues.apache.org/jira/browse/DISPATCH-901
Repository: qpid-dispatch
Description
-------
If the client specifies its desire for the ADDRESS-AUTHZ capacbility, the
authorization service, if it supports this, will return a set of permissions in
the properties of the open frame. The properties will have an address-authz
key, whose value is a map of address (or wildcard pattern) to an array of
permissions. The only permissions recognised at present by this patch are
'send' and 'recv'.
Diffs (updated)
-----
src/policy.c 22cc79f
src/remote_sasl.c e3c969b
tests/CMakeLists.txt 0c6454c
tests/authservice.py PRE-CREATION
tests/system_tests_authz_service_plugin.py PRE-CREATION
Diff: https://reviews.apache.org/r/64645/diff/2/
Changes: https://reviews.apache.org/r/64645/diff/1-2/
Testing
-------
Added new systems tests using proton python based dummy auth service.
Thanks,
Gordon Sim
