[
https://issues.apache.org/jira/browse/DISPATCH-1585?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17153870#comment-17153870
]
Ulf Lilleengen edited comment on DISPATCH-1585 at 7/8/20, 7:26 PM:
-------------------------------------------------------------------
[~chug] I just tried a fresh build of master, and I'm not able to get it
working. I have the following config:
{code:java}
[
["router", { "defaultDistribution": "unavailable"}],
["listener", { "host": "0.0.0.0", "port": 5672, "authenticatePeer": false,
"saslMechanisms": "ANONYMOUS", "multiTenant": true }],
["policy", {"enableVhostPolicy": true, "defaultVhost": "$default" }],
["vhost", { "hostname": "myprefix", "aliases":["internal.example.com"],
"allowUnknownUser": true,
"groups":{"$default":{"remoteHosts":"*","sources":"*","targets":"*","allowDynamicSource":true,"allowAnonymousSender":true}}}],
["address", { "prefix": "myprefix/foo" }]
]
{code}
I then try to connect the sender as follows:
{code:java}
PN_TRACE_FRM=1 python /usr/share/proton/examples/python/simple_recv.py -a
amqp://internal.example.com:5672/foo {code}
And I'm getting this in the router log
{code:java}
2020-07-08 19:20:11.292964 +0000 POLICY (info) DENY AMQP Open for user
'anonymous', rhost '127.0.0.1', vhost 'internal.example.com': No policy defined
for vhost{code}
Is there something wrong in my config, or is there some additional change
needed in the router?
was (Author: lulf):
[~chug] I just tried a fresh build of master, and I'm not able to get it
working. I have the following config:
{code:java}
[
["router", { "defaultDistribution": "unavailable"}],
["listener", { "host": "0.0.0.0", "port": 5672, "authenticatePeer": false,
"saslMechanisms": "ANONYMOUS", "multiTenant": true }],
["policy", {"enableVhostPolicy": true, "defaultVhost": "$default" }],
["vhost", { "hostname": "myprefix", "aliases":["internal.example.com"],
"allowUnknownUser": true,
"groups":{"$default":{"remoteHosts":"*","sources":"*","targets":"*","allowDynamicSource":true,"allowAnonymousSender":true}}}],
["address", { "prefix": "myprefix/foo" }]
]
{code}
I then try to connect the sender as follows:
{code:java}
PN_TRACE_FRM=1 python /usr/share/proton/examples/python/simple_recv.py -a
amqp://internal.example.com:5672/foo {code}
And I'm getting this in the router log
{code:java}
2020-07-08 19:20:11.292964 +0000 POLICY (info) DENY AMQP Open for user
'anonymous', rhost '127.0.0.1', vhost 'internal.example.com': No policy defined
for vhost{code}
> Allow defining address prefix shared by different multitenant listeners
> -----------------------------------------------------------------------
>
> Key: DISPATCH-1585
> URL: https://issues.apache.org/jira/browse/DISPATCH-1585
> Project: Qpid Dispatch
> Issue Type: Wish
> Reporter: Ulf Lilleengen
> Assignee: Charles E. Rolke
> Priority: Major
> Fix For: 1.13.0
>
>
> At present, a multitenant router listener will prefix addresses with the
> hostname in the AMQP Open. However, given a configuration where it is
> desirable to expose a router address space for multiple DNS names, any
> address, linkRoute and autoLink configuration will need to be duplicated for
> each DNS name. This complicates router configuration significantly.
>
> Instead, having a way to specify which prefix to apply for a multitenant
> listener would allow reusing the same address, autoLink and linkRoute
> configuration for multiple listeners.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org
