Can anyone see what's wrong with this ACL? It is the most simple of configurations, but doesn't work.
My goal is to have:
- all regular users read and write to /#.
- all regular users can also read from the admin at sys/$
- a user named 'system' can read/write to all routes, and importantly, to sys/#
The following configuration, as far as I can tell, should work, but doesn't:
pattern %u/#
topic read sys/#
user system
topic #
Whenever I specify a configuration for any one user ('system' in this case), all other users can no longer connect.
If I comment out the 'topic #' under that specific user, it works, but of course then my 'system' user can no longer send to sys/#.
pattern %u/#
topic read sys/#
user system
#topic #
It works if I provide specifications for each of the users individually, such as the following:
topic read sys/#
pattern %u/#
user system
topic #
#-- begin user-specific specifications
user george
topic george/#
user kathy
topic katy/#
user moe
topic katy/# [... etc]
I can grow the ACL file programmatically, but it seems I should have to, and the first ACL should work.
Any suggestions? Thanks in advance.
Aucun commentaire:
Enregistrer un commentaire