Hide Forgot
Description of problem: There is no way how to specify '' exchange in an ACL rule. These lines have been tried: 1) acl allow all publish exchange name="" then ACL checks exchange of name '""' (string with 2 characters ") 2) acl allow all publish exchange name='' then ACL checks exchange of name '''' (string with 2 characters ') 3) acl allow all publish exchange name= then ACL syntax check rejects it as it requires a non-empty value Workaround in specifying: acl allow all publish exchange name=* acl deny all publish exchange name=[a-zA-Z-0-9]* is not applicable as each check would have to pass up to 62 rules. Version-Release number of selected component (if applicable): any (seen in 0.12) How reproducible: 100% (missing configuration ability) Steps to Reproduce: n.a. Actual results: n.a. Expected results: n.a. Additional info: Can't 802656 (RFE: Support regular expressions in ACL) elegantly resolve this?
*** Bug 707678 has been marked as a duplicate of this bug. ***
Committed upstream trunk at r1465719 The patch adds an ACL keyword "amq.default" that stands in for the unnamed exchange during PUBLISH EXCHANGE lookups. The rule: acl allow mrPavel publish exchange name=amq.default routingkey=secretqueue allows mrPavel to publish to secretqueue.
Fix is OK. Issue was tested on RHEL5 and RHEL6, i686 and x86_64 with packages: python-qpid-0.22-4 python-qpid-qmf-0.22-6 qpid-cpp-client-ssl-0.22-7 qpid-cpp-server-store-0.22-7 qpid-proton-c-0.4-2.2 qpid-cpp-client-0.22-7 qpid-cpp-client-rdma-0.22-7 qpid-cpp-server-ssl-0.22-7 qpid-cpp-server-ha-0.22-7 qpid-tools-0.22-3 qpid-cpp-server-0.22-7 qpid-qmf-0.22-6 qpid-cpp-server-devel-0.22-7 qpid-cpp-debuginfo-0.22-7 qpid-cpp-client-devel-0.22-7 qpid-cpp-server-xml-0.22-7 qpid-cpp-server-rdma-0.22-7 qpid-cpp-client-devel-docs-0.22-7 ->VERIFIED
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHEA-2014-1296.html