Is it possible to use wildcards for queue permissions in WebSphere Liberty?

Question

The embedded messaging server in WebSphere Liberty supports access control on queues. In the server.xml, the following structure can be added under the messagingEngine section:

<messagingSecurity>
       <role name="queueAccess">
          <group name="admin"></group>
          <queuePermission queueRef="myQueues.queue_1">
             <action>ALL</action>
          </queuePermission>
       </role>
</messagingSecurity>

This would grant the admin user access to the queue myQueues.queue_1 but, if I want to grant access to multiple queues myQueues.queue_1 to myQueues.queue_n, it seems I have to create a section per queue.

I have tried several wildcards, such as myQueues* or like a regexp myQueues.* - but no luck. I have been unable to find any documentation on the use of wildcards, so can someone confirm or deny whether wildcards are possible in this scenario?

score 0 · Accepted Answer · answered Sep 18 '18 at 20:34

From what I can see (digged into the code of openliberty), there is no wildcard handler for it.

I know jboss uses this wildcard for jms security handling:

. (a single period) Denotes the space between words in a wildcard expression.
# (a pound or hash symbol) Matches any sequence of zero or more words.
* (an asterisk) Matches a single word.

Maybe something to hint for the liberty community ;)

Is it possible to use wildcards for queue permissions in WebSphere Liberty?

1 Answers1