The action element defines operations on resources.
The following settings are possible:
<action value="publish" />
<action value="subscribe" />
<action value="put" />
<action value="get" />
<action value="connect" />
<action value="admin" />
While actions are specified independently of resources, the micro broker requests access control decisions only using publish/subscribe
for topics, put/get
for queues, and connect/admin
for the broker.
The connect action must be permitted for users if they are to be permitted to do any other action (that is, to publish or subscribe to topics, put or get to queues, or administer the broker). This approach prevents unauthorized users from using unnecessary resources on the micro broker. This mechanism can also be used to easily deny access to users without having to delete or comment-out all related entries in the ACL file.
Parent topic: ACL document structure