Destination Control

When server authorization is enabled, the server checks user names and password of all connections without exceptions. However, operations on destinations, such as sending a message or receiving a message, are not verified unless the destination has enabled the secure property on the destination. All operations by applications on the destination with secure enabled are verified by the server according to the permissions listed in acl.conf. Destinations with secure disabled continue to operate without any restrictions.

Note: The secure property is independent of TLS-level security. The secure property controls only basic authentication and permission verification. It does not affect the security of communication between clients and server.

When a destination does not have the secure property set, any authenticated user can perform any actions on that topic or queue.

See Destination Properties for more information about destination properties.