nats支持对每一个用户进行主题级别的授权,即允许谁发布或者订阅哪个主题。
authorization {
default_permissions = {
publish = "SANDBOX.*"
subscribe = ["PUBLIC.>", "_INBOX.>"]
}
ADMIN = {
publish = ">"
subscribe = ">"
}
REQUESTOR = {
publish = ["req.a", "req.b"]
subscribe = "_INBOX.>"
}
RESPONDER = {
subscribe = ["req.a", "req.b"]
publish = "_INBOX.>"
}
users = [
{user: admin, password: $ADMIN_PASS, permissions: $ADMIN},
{user: client, password: $CLIENT_PASS, permissions: $REQUESTOR},
{user: service, password: $SERVICE_PASS, permissions: $RESPONDER},
{user: other, password: $OTHER_PASS}
]
}
或者
authorization {
users = [
{
user: admin,
password: secret,
permissions: {
publish: ">",
subscribe: ">"
}
},
{
user: test,
password: test,
permissions: {
publish: {
deny: ">"
},
subscribe: {
allow: "client.>"
}
}
},
]
}
或者
authorization {
users = [
{user: a, password: a},
{user: b, password: b, permissions: {subscribe: "q", allow_responses: true}},
{user: c, password: c, permissions: {subscribe: "q", allow_responses: { max: 5, expires: "1m" }}}
]
}
本文发表于 0001-01-01,最后修改于 0001-01-01。
本站永久域名「 jiavvc.top 」,也可搜索「 后浪笔记一零二四 」找到我。
