Contents
 Contents

Enabling ACL-based Security

By default, ACL based security is turned OFF in FioranoMQ, but can be turned ON. To turn ACL based security ON, perform the following steps::

  1. Open the profile for off-line editing through the Profile Manager as explained in the Pinging section.
  2. Go to Fiorano > etc > FMQConfigLoader.
  3. In the Properties panel, enable the AclBasedDestinationSecurity property.

4. Right-click the FioranoMQ node and select Save from the pop-up menu.

Turning ON ACL Checks

By default, ACLs are checked only at the time of performing an action, such as creating a publisher/subscriber on a topic. If an ACL is modified, clients connected to it are not affected. To get connected clients to check ACL when modified, perform the following steps:

  1. Open the profile for off-line editing through the Profile Manager using Studio, as explained in the Pinging section.
  2. Go to Fiorano > etc > FMQConfigLoader.
  3. Enable the AllowOnTheFlyAclCheck property.

4. Right-click the FioranoMQ node and select Save option from the pop-up menu.

Icon

The AllowOnFlyAclCheck flag works for all permissions except when:

  1. A publisher is publishing non-persistent messages on a topic.
  2. The permission to create publisher should be revoked for a topic.
  3. No exception is thrown even though the User is not allowed to publish since messages are sent in batch mode.

Work Around 1:

For NP messages, batching is enabled by default which leads to the behavior explained above. To view this Exception at the 'send' API location, set the BatchingEnabled parameter in the ConnectionFactory to 'FALSE'.

Work Around 2:

Add the following line to the client code environment while performing the lookup function:

Adaptavist ThemeBuilder EngineAtlassian Confluence