Red Hat Bugzilla – Bug 808105
ACL syntax does not allow specifying '' exchange
Last modified: 2014-09-24 11:04:11 EDT
Description of problem:
There is no way how to specify '' exchange in an ACL rule. These lines have been tried:
1) acl allow all publish exchange name=""
then ACL checks exchange of name '""' (string with 2 characters ")
2) acl allow all publish exchange name=''
then ACL checks exchange of name '''' (string with 2 characters ')
3) acl allow all publish exchange name=
then ACL syntax check rejects it as it requires a non-empty value
Workaround in specifying:
acl allow all publish exchange name=*
acl deny all publish exchange name=[a-zA-Z-0-9]*
is not applicable as each check would have to pass up to 62 rules.
Version-Release number of selected component (if applicable):
any (seen in 0.12)
100% (missing configuration ability)
Steps to Reproduce:
Can't 802656 (RFE: Support regular expressions in ACL) elegantly resolve this?
*** Bug 707678 has been marked as a duplicate of this bug. ***
Committed upstream trunk at r1465719
The patch adds an ACL keyword "amq.default" that stands in for the unnamed exchange during PUBLISH EXCHANGE lookups. The rule:
acl allow mrPavel publish exchange name=amq.default routingkey=secretqueue
allows mrPavel to publish to secretqueue.
Fix is OK.
Issue was tested on RHEL5 and RHEL6, i686 and x86_64 with packages:
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.