Hi, In order to limit the visibility of Andes queues to only the tenant that create that queue, following simple solution can be used in my opinion.
1. When creating a queue, just allow user to enter a name for the queue (eg: *myQueue*). 2. Check the domain of the user (eg:* a.com*) 3. Append the domain in front of the queue name user enters seperating with "/" (eg: *a.com/myQueue*) 4. When showing queue list to the user just filter out the queues belonging to his domain (using Java String operations) and show it with only the name user had entered (*myQueue*). 5. In that way, many tenants can share same physical broker. Everybody will see they have their own queue (myQueue). But when subscribing for queues using *external JMS clients* etc. they will have to use the real name (<domain_name>/<queue_name>). Again if some person create a queue using an *external JMS client*, he can create it with any name he want, which will end up with the result that nobody will see the queue. If we document it, knowing name of some tenant domain, anybody would be able to create a queue in that domain space. I have implemented the above and despite above mentioned argument, it is working fine. A similar way has been used for topics as well (written a while ago). Will this be a good solution? Or is there any better ideas? Also, we have clustering support with andes implemented via Apache Zookeeper messaging. This means, each tenant would like to have its own Andes cluster in stratos? Thanks. -- *Hasitha Abeykoon* Software Engineer; WSO2, Inc.; http://wso2.com *cell:* *+94 719363063* *blog: **abeykoon.blogspot.com* <http://abeykoon.blogspot.com>* * * *
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
