8.3.4. Reloading the ACL
You can reload the ACL without restarting the broker using a QMF method, either using
qpid-tool
or from program code.
Reload the ACL using qpid-tool
You need to use
qpid-tool
with a account with sufficient privileges to reload the ACL.
- Start
qpid-tool
:$ qpid-tool admin/mysecretpassword@mybroker:5672 Management Tool for QPID qpid:
- Check the ACL list to obtain the object ID:
qpid: list acl Object Summary: ID Created Destroyed Index ================================= 103 12:57:41 - 116
- Optionally, you can examine the ACL:
qpid: show 103 Object of type: org.apache.qpid.acl:acl:_data(23510fc1-dc51-a952-39c2-e18475c1677e) Attribute 103 ================================================= brokerRef 116 policyFile /tmp/reload.acl enforcingAcl True transferAcl False lastAclLoad Tue Oct 30 12:57:41 2012 maxConnectionsPerIp 0 maxConnectionsPerUser 0 maxQueuesPerUser 0 aclDenyCount 0 connectionDenyCount 0 queueQuotaDenyCount 0
- To reload the ACL, call the reload method of the ACL object:
qpid: call 103 reloadACLFile qpid: OK (0) - {}
Reload ACL from program code
The broker ACL can be reloaded at runtime by calling a QMF method.
The following code calls the appropriate QMF method to reload the ACL:
- Python
import qmf.console qmf = qmf.console.Session() qmf_broker = qmf.addBroker('localhost:5672') acl = qmf.getObjects(_class="acl")[0] result = acl.reloadACLFile() print result
Note that the server must be started with ACL enabled for the reload operation to succeed.