files that demonstrate how to accomplish a number of common access control schemes. They can be used either to replace the default file (with appropriate edits for your own user names) or as a cookbook, where relevant sections can be cut and pasted to create your own set of policies.
Permit everybody to do everything
This example shows a micro broker ACL file that permits everybody to do everything, as if there were no micro broker Authorization, which was the case for previous versions of micro broker.
Permit everybody but anonymous users
This example shows a micro broker ACL file that permits all authenticated users full access to the micro broker (to connect, put to, and get from queues, publish and subscribe to topics, and perform administrative tasks). Anonymous users are denied all access and are not even allowed to connect to the broker.
Differentiate between administrators and ordinary users
This example provides a micro broker ACL file that permits users Minnie
to undertake administration tasks (and only administration tasks) and permits Groucho
, and Chico
to publish and subscribe to topics and to put to and get from queues
Differentiate between readers and writers
This sample shows a micro broker ACL file that permits users Samson
to put to all queues and publish to all topics, but not to get or subscribe. In contrast, users Fred
can get from all queues and subscribe to all topics, but not put or publish. None of the users in this example can perform administrative tasks on the broker.
Differentiate between readers and writers for specific topics and queues
This final sample ACL file is similar to the previous example, but it specifies the particular topics and queues that the users are permitted to access.