On Fri, 2023-05-26 at 22:37:45 +0200, John D. Ament wrote: > Hi there > > We're on "Classic" 5.17.2 and use VirtualTopics pretty heavily, due to some > external constraints can't use Artemis quite yet. I was wondering, is > there any guidance on setting up ACLs with VirtualTopics? > > Originally when we setup the connection, the application was connecting and > consuming from 'Consumer.user1.VirtualTopic.>' to get everything but we > realized it was pulling in messages that we shouldn't have been and are > trying to setup an ACL to limit what topics the consumer can read from. > The ACL ended up looking like this: > > <authorizationEntry read="user1" admin="user1" write="user1" > topic="VirtualTopic.topic1"/> > <authorizationEntry read="user1" admin="user1" write="user1" > queue="Consumer.user1.VirtualTopic.topic1"/> > <authorizationEntry read="user1" admin="user1" write="user1" > topic="ActiveMQ.Advisory.>"/>
Dunno if this is supposed to be > or that your mail client encoded it as such but according to the documentation[1] it's supposed to be > so: <authorizationEntry read="user1" admin="user1" write="user1" topic="ActiveMQ.Advisory.>"/> BR, - Simon 1, <https://activemq.apache.org/security.html#controlling-access-to-temporary-destinations>
