Specifying Acl rules that allow named users to create named objects require an endless number of Acl rules.
Administrators must keep adding users to the Acl file to allow the users to use the broker.
User name substitution keywords are added to the Acl file so that a single rule may apply to all users.
Keywords are created to substitute for the user name, the domain name, or the user and the domain name together.
Keyword substitution is allowed for object names, routing key names, alternate exchange names, and queue names.
Actual user and domain names are normalized. Periods and ampersands are replaced with underscores.
Any single rule using a name substitution may apply to thousands of different users thus saving Acl file overhead and maintenance.
A simple set of Acl rules can give users freedom to create per user or per domain private resources by limiting the resource to contain the user's name or domain. Coincidently the same users are prevented from creating random resources as the names of what they can create is strictly controlled.