Migrating to FTL 6.8.0 when Using Permissions

If you are migrating from a version of FTL prior to 6.8.0 and want to set up permissions, complete the steps in the following order to minimize the number of application restarts.

1. Ensure that TLS and authentication are enabled.

2. Ensure that all persistence transports are secure. Changing this will require a restart of persistence services and clients.

3. Upgrade the servers to 6.8.0.

4. Upgrade the clients to 6.8.0.

5. Set enable_permissions to true and configure appropriate permissions for users and/or roles. This will require a restart of any publisher or subscriber using server-based inboxes (via a dedicated inbox store, ftl.system.inbox.store or ftl.routing.inbox.store) because endpoint store inboxes are now required. See Endpoint Store Inboxes.

6. Verify that stores are using the permissions you have configured. If no permissions are set up, users will not have access to publish/subscribe to a store. The loglevel acl:verbose may be set at the FTL server (specifically, the persistence service) to identify authorization failures.