Enabling ACL Based Security
By default, ACL based security is turned OFF in FioranoMQ, but can be turned ON. To turn ACL based security ON, perform the following steps::
- Open the profile for off-line editing through the Profile Manager as explained in section 4.8.1 How to Enable Pinging
- Go to Fiorano > etc > FMQConfigLoader.
- In the property panel change the value of the AclBasedDestinationSecurity property to 'yes' as shown in the figure below:
4. Right-click the FioranoMQ node and select Save from the pop-up menu.
Turning ON ACL Checks
By default, ACLs are checked only at the time of performing an action, such as creating a publisher/subscriber on a topic. If an ACL is modified, clients connected to it are not affected. To get connected clients to check ACL when modified, perform the following steps:
- Open the profile for off-line editing through the Profile Manager using Studio, as explained in section 4.8.1 How to Enable Pinging
- Go to Fiorano > etc > FMQConfigLoader.
- Change the value of the AllowOnTheFlyAclCheck property to 'yes' as shown in the figure below:
4. Right-click the FioranoMQ node and select Save option from the pop-up menu.
Work Around 1:
For NP messages, batching is enabled by default which leads to the behavior explained above. To view this Exception at the 'send' API location, set the BatchingEnabled parameter in the ConnectionFactory to 'FALSE'.
Work Around 2:
Add the following line to the client code environment while performing the lookup function:
Modifying ACLManager Implementation
Here, env is the environment passed while performing a JNDI lookup. This will disable batching for that particular client.
- Open the profile for offline editing through the Profile Manager as explained in section 4.8.1 How to Enable Pinging.
- Navigate to the node Fiorano > security > AclManager. Click the current ACL Manager MBean.
- Click the value of the Implementation property and choose a value from the drop-down menu.
- Right-click the FioranoMQ node and select the Save option from the pop-up menu.