Destination Access Control
When authorization is enabled, the server verifies user and group permissions before allowing operations on destinations, such as sending a message or receiving a message. However, this destination access control is only applicable for those destinations that have the secure property enabled. All operations by applications on the destination with secure
enabled are verified by the server according to the permissions listed in
acl.conf. Destinations with
secure
disabled continue to operate without any restrictions.
secure
property is independent of TLS-level security. The secure
property controls only basic authentication and permission verification. It does not affect the security of communication between clients and server.
When a destination does not have the
secure
property set, any authenticated user can perform any actions on that topic or queue.
See Destination Properties for more information about destination properties.