[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [xmlblaster] Receive Only Client



Hi again,

i have added a simple authorization extension to Cyrilles
htpasswd plugin which should
suffice for simple use cases (see svn):

Example of xmlBlaster.htpasswd (password is 'secret'):
--------------------------------------
guest:yZ24stvIel1j6:connect,disconnect,publish(tennis;sailing)
joe:yZ24stvIel1j6:connect,disconnect,publish
admin:yZ24stvIel1j6:!erase
other:yZ24stvIel1j6:! subscribe,unSubscribe
all:yZ24stvIel1j6::
__sys__jdbc:yZ24stvIel1j6
--------------------------------------

After the second ':' you can add comma separated method names which are allowed.

If you start the section with a '!' everything is inverted (for example
everything is allowed but not 'subscribe' and 'unSubscriber').

A method name can be followed by () containing topic oids separated by ';'

See
http://www.xmlblaster.org/xmlBlaster/doc/requirements/security.htpasswd.html#authorization

regards
Marcel


Matthew Sargent wrote:

> Hey all,
>
> I would like to have two classes of subscriber: 1) able to subscribe and
> publish and 2) only able to subscribe. What would I need to do in order to
> make this happen. I have toyed with the idea of having 2 ports (both SSL)
> that can be connected to, and only have on of them allow publishing, or
> create various users and re-work some aspect of xmlBlaster to govern this
> based on user name and password.
>
> Any better suggestions? Places to look, solutions already in play?
>
> Matt
>
>
>
>