gogrlx/nats-server
1
0
Fork 0
mirror of https://github.com/gogrlx/nats-server.git synced 2026-04-02 03:38:42 -07:00
Code Issues Packages Projects Releases Wiki Activity
Files
4df6c9aeb8e3d028b5ab4cfa519492aa3c594156
nats-server/test/configs/auths.conf
Ivan Kozlovic e976e63099 Fixing some flappers 
Signed-off-by: Ivan Kozlovic <ivan@synadia.com>
2020-05-25 06:58:23 -07:00

69 lines
1.3 KiB
Plaintext
Raw Blame History

# Our role based permissions.
# Admin can do anything.
ADMIN = {
publish = ">"
subscribe = ">"
}
# Can do requests on req.foo or req.bar, and subscribe to anything
# that is a response, e.g. _INBOX.*
#
# Notice that authorization filters can be singletons or arrays.
REQUESTOR = {
publish = ["req.foo", "req.bar"]
subscribe = "_INBOX.*"
}
# Default permissions if none presented. e.g. Joe below.
DEFAULT_PERMISSIONS = {
publish = "SANDBOX.*"
subscribe = ["PUBLIC.>", "_INBOX.>"]
}
# This is to benchmark pub performance.
BENCH = {
publish = "a"
}
# New Style Permissions
NEW_STYLE = {
publish = {
allow = "*.*"
deny = ["SYS.*", "bar.baz", "foo.*"]
}
subscribe = {
allow = ["foo.*", "SYS.TEST.>"]
deny = ["foo.baz", "SYS.*"]
}
}
NS_PUB = {
publish = "foo.baz"
subscribe = "foo.baz"
}
BENCH_DENY = {
subscribe = {
allow = ["foo", "*"]
deny = "foo.bar"
}
}
# This is for services where you only want
# responses to reply subjects to be allowed.
MY_SERVICE = {
subscribe = "my.service.req"
publish_allow_responses: true
}
# This is a more detailed example where responses
# could be streams and you want to set the TTL
# and maximum allowed.
MY_STREAM_SERVICE = {
subscribe = "my.service.req"
allow_responses = {max: 10, ttl: "50ms"}
}
Reference in New Issue View Git Blame Copy Permalink