[ https://issues.apache.org/jira/browse/QPID-4494?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Chuck Rolke resolved QPID-4494. ------------------------------- Resolution: Not A Problem Fix Version/s: 0.18 The amqp::exchange::bound frame includes Exchange, Queue, Binding-key, and Args. The broker passes Exchange, Queue, and Binding-key to the Acl module for processing. It would be an error to remove the Binding-key value in the Acl call. The fact that the C++ Messaging client chooses not to pass a binding-key to the bound call is not an error either. Executing the same drain/spout commands through the Python client does not even generate an exchange::bound frame. > C++ Broker uses RoutingKey property during exchange declare Acl lookup > ---------------------------------------------------------------------- > > Key: QPID-4494 > URL: https://issues.apache.org/jira/browse/QPID-4494 > Project: Qpid > Issue Type: Bug > Components: C++ Broker > Affects Versions: 0.18 > Reporter: Chuck Rolke > Assignee: Chuck Rolke > Fix For: 0.18 > > > The Acl interface to the broker during and exchange bound function includes > an extraneous binding key parameter. > The functions that trigger this lookup are illustrated here: > COMMAND LINE > ./spout "x-usera-1/a.x" > ON THE WIRE > 2012-12-04 15:55:25 [Protocol] trace RECV [127.0.0.1:5672-127.0.0.1:46894]: > Frame[BEbe; channel=1; {ExchangeBoundBody: exchange=x-usera-1; > queue=x-usera-1; binding-key=; arguments={}; }] > ACL LOOKUP > 2012-12-04 15:55:25 [Security] debug ACL: Lookup for id:anonymous > action:access objectType:exchange name:x-usera-1 with params { routingkey= > queuename=x-usera-1 } > The user application is passing the binding key 'a.x' to the messaging > client. However, the messaging client does not pass the binding key to the > broker during the ExchangeBoundBody message. As a result the broker Acl > lookup uses a blank routingkey. > If the broker is configured with an Acl file that has an ACCESS EXCHANGE rule > that specifies a routingkey then that rule will never match. > The suggested change is to deprecate the routingkey property in the Acl > ACCESS EXCHANGE rule processing. If a routingkey is specified then it will be > ignored and a warning message will be issued. > If customers have 'access exchange' rules that use routingkey values > specified then the Acl behavior may start matching rules that did not match > before. However the log file will have an Acl warning and the broker will not > fail to boot due to an Acl file processing error. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org