- In Red Hat AMQ 6.x, clients that having Read permission on a topic are allowed to create a subscription. However, in Red Hat AMQ 7, when mapping Artemis permissions to ActiveMQ 5.x permissions, clients aren’t permitted to create a queue with a ActiveMQ 5.x Read permission. In our migration from ActiveMQ 5.x to AMQ 7 we are constantly receiving errors like the following:
User: x does not have permission='CREATE_NON_DURABLE_QUEUE' for queue on x.address
- It happens on multicast queues where the ActiveMQ 5.x client only has Read permission on the queue.
We know that queues are allowed to be created if the client has the ActiveMQ 5.x Send permission. Is it possible to do have a similar behavior for the ActiveMQ 5.x Read permission, but only for multicast queues ?
Are there any alternatives that can be used in conjunction with
LegacyLDAPSecuritySettingPlugin that will allow a multicast queue to be created with only a ActiveMQ 5.x Read permission?
- We can have the ability to create multicast queues with a ActiveMQ 5.x Read permission. The current implementation works as documented - the Artemis
CREATE_DURABLE_QUEUEpermissions are mapped to the ActiveMQ 5.x Admin permission. What we want is the capability to also map the
REATE_DURABLE_QUEUEpermissions to the ActiveMQ 5.x Read permission for multicast queues. This is for using the LDAP security plugin.
- Red Hat AMQ
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.