Red Hat Bugzilla – Bug 446938
Last modified: 2009-02-04 10:34:57 EST
Description of problem:
Security features must exist so that multiple message flows can use the same
broker. There should be multiple users/groups, and the access to and use of
queues should be controlled by an access control list (ACL). The current beta
has few security features. It lack SSL, multiple users and ACL.
This applies to brokers and clients.
Initial file support for RBAC and ACL will be enough, however at we should also
support IPA to store ACL etc t some point.
No test info. Putting NEEDINFO flag.
This issue is covered by other BZ's.
To test and close the ACL side, create two users, setup one with allow all all and the other with no permissions. try useing the command line tools for both these user, one should work, the other deny.
I have just done this test and cleared this aspect of this bug.
As of rev 711957 all changes discussed for MRG 1.1 release is completed.
The ACL module now has an automated test suite that goes through number of scenarios. More test cases could be added.
SSL for both JMS and c++ client/Brokers have also been added and tested.
Gordon has checked in an automated test suite.
I will be adding a test profile for the java side.
RHTS test qpid_compilation_unit_tests performs all unit tests including acl, ssh and others. Test proves features are added.
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.