Bug 874516
| Summary: | [RFE] Per-user configurable limit on the number of active connections | |||
|---|---|---|---|---|
| Product: | Red Hat Enterprise MRG | Reporter: | J.H.M. Dassen (Ray) <rdassen> | |
| Component: | qpid-cpp | Assignee: | Chuck Rolke <crolke> | |
| Status: | CLOSED ERRATA | QA Contact: | Zdenek Kraus <zkraus> | |
| Severity: | high | Docs Contact: | ||
| Priority: | medium | |||
| Version: | Development | CC: | crolke, esammons, freznice, iboverma, jross, lzhaldyb, mcressma, pbaroux, pmoravec, rbinkhor, rpiddapa, sgraf, zkraus | |
| Target Milestone: | 3.0 | Keywords: | FutureFeature | |
| Target Release: | --- | |||
| Hardware: | All | |||
| OS: | All | |||
| Whiteboard: | ||||
| Fixed In Version: | qpid-cpp-0.22-10 | Doc Type: | Enhancement | |
| Doc Text: |
It is now possible to configure the active connection limit for individual users. Having one setting for all users was identified as being insufficient: Administrators and Broker monitors require many connections while public clients must be limited to few connections. With the new scheme, individual users can now have connection limits set through the ACL file. Both users, and groups of users can now be configured to receive many or few connections (including zero connections if this is applicable).
|
Story Points: | --- | |
| Clone Of: | 866219 | |||
| : | 957978 (view as bug list) | Environment: | ||
| Last Closed: | 2014-09-24 15:05:31 UTC | Type: | --- | |
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Embargoed: | ||||
| Bug Depends On: | 866219 | |||
| Bug Blocks: | 785156, 957978 | |||
|
Comment 3
Chuck Rolke
2013-02-11 02:48:14 UTC
Also include r1450841 Hi Chuck, could you please provide some info on how this should be used, like what is the syntax, etc. thanks. The syntax in the file is at: https://cwiki.apache.org/confluence/display/qpid/ACL#ACL-ACLFileSyntax acl allow bob create queue quota connections 100 alice bob charlie Discussion of the interaction between command line options and ACL file quota settings is at: https://cwiki.apache.org/confluence/display/qpid/ACL#ACL-QuotaSettings I've discovered following problems with this implementation: 1. The connection quota value zero allows one connection in quota connections 0 usera@QPID ./qc2_connector -b usera/usera@localhost:5672 -c 10 2013-07-18 13:06:28 [Client] warning Broker closed connection: 320, connection-forced: User connection denied by configured limit connection-forced: User connection denied by configured limit 1 9 10 ^ ^ ^ ^ ^ requested connections ^ failed connection connected sucessfully Tested on x86 and x86_64 with packages: python-qpid-0.22-4.el6.noarch python-qpid-qmf-0.22-10.el6.x86_64 qpid-cpp-client-0.22-13.el6.x86_64 qpid-cpp-client-devel-0.22-13.el6.x86_64 qpid-cpp-client-devel-docs-0.22-13.el6.noarch qpid-cpp-client-rdma-0.22-13.el6.x86_64 qpid-cpp-client-ssl-0.22-13.el6.x86_64 qpid-cpp-debuginfo-0.22-13.el6.x86_64 qpid-cpp-server-0.22-13.el6.x86_64 qpid-cpp-server-devel-0.22-13.el6.x86_64 qpid-cpp-server-ha-0.22-13.el6.x86_64 qpid-cpp-server-rdma-0.22-13.el6.x86_64 qpid-cpp-server-ssl-0.22-13.el6.x86_64 qpid-cpp-server-store-0.22-13.el6.x86_64 qpid-cpp-server-xml-0.22-13.el6.x86_64 qpid-java-client-0.22-5.el6.noarch qpid-java-common-0.22-5.el6.noarch qpid-java-example-0.22-5.el6.noarch qpid-proton-c-0.5-2.el6.x86_64 qpid-qmf-0.22-10.el6.x86_64 qpid-tools-0.22-3.el6.noarch -> VERIFIED Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHEA-2014-1296.html |