RE: [xmlblaster] Receive Only Client

[Marcel Ruff <mr at marcelruff.info>]

Hi again,

i have added a simple authorization extension to Cyrilles
htpasswd plugin which should
suffice for simple use cases (see svn):

Example of xmlBlaster.htpasswd (password is 'secret'):
--------------------------------------
guest:yZ24stvIel1j6:connect,disconnect,publish(tennis;sailing)
joe:yZ24stvIel1j6:connect,disconnect,publish
admin:yZ24stvIel1j6:!erase
other:yZ24stvIel1j6:! subscribe,unSubscribe
all:yZ24stvIel1j6::
__sys__jdbc:yZ24stvIel1j6
--------------------------------------

After the second ':' you can add comma separated method names which are allowed.

If you start the section with a '!' everything is inverted (for example
everything is allowed but not 'subscribe' and 'unSubscriber').

A method name can be followed by () containing topic oids separated by ';'

See
http://www.xmlblaster.org/xmlBlaster/doc/requirements/security.htpasswd.html#authorization

regards
Marcel


Matthew Sargent wrote:

> > Hey all,
> >
> > I would like to have two classes of subscriber: 1) able to subscribe and
> > publish and 2) only able to subscribe. What would I need to do in order to
> > make this happen. I have toyed with the idea of having 2 ports (both SSL)
> > that can be connected to, and only have on of them allow publishing, or
> > create various users and re-work some aspect of xmlBlaster to govern this
> > based on user name and password.
> >
> > Any better suggestions? Places to look, solutions already in play?
> >
> > Matt
> >
> >
> >
> >   
>