Inheritance
If wildcard destinations are present in the configuration, an application’s destination might match multiple configured destinations. These are known as overlapping destinations.
Persistence Store and Cluster
Overlapping destinations must always use the same persistence store and cluster. It is an error to configure overlapping destinations with different persistence stores.
Subscription Properties
Overlapping destinations might specify different destination properties. When a topic subscription, queue, or map is created, FTL determines its properties as follows:
-
If an exact match is found (for example, subscribe on
foo.barandfoo.baris in the config), FTL uses its properties. For example:-
If
>,foo.*, andfoo.barare configured, a subscriber onfoo.baruses the config fromfoo.bar.
-
-
If a most-specific matching config is found, FTL uses its properties. A “most-specific” config is defined as one which is the strictest subset of all matching configs. For example:
-
If
>andfoo.*are configured, a subscriber onfoo.baruses the config fromfoo.*. -
If
*.*andfoo.*are configured, a subscriber onfoo.baruses the config fromfoo.*. -
If
foo.*and*.barare configured, there is no most-specific config, so FTL proceeds to tiebreaks.
-
-
If multiple matching configs are found and a most specific cannot be determined, FTL determines the value for each property as follows, from the properties of all matching configs:
| Property | Rule |
|---|---|
| message_ttl | Select lowest value (0 is treated as infinity) |
| durable_ttl | Select lowest value (0 is treated as infinity) |
| retention_time | Select lowest value |
| bytelimit | Select lowest value (0 is treated as infinity) |
| message_limit | Select lowest value (0 is treated as infinity) |
| swap_bytelimit | Select lowest value (-1 is treated as infinity; 0 as 0) |
| discard | Prefer ‘old’ over ‘new’ |
| ack_settings | Prefer ‘sync’ over ‘async’ |
| (ack) batch_size | Select lowest value |
| (ack) batch_time | Select lowest value |
| max_delivery | Select lowest value (0 is treated as infinity) |
These rules enable you to designate a set of destination properties to use in generic cases, and other sets of destination properties to use for certain special cases.
Access Control
Overlapping destinations may specify different access control lists.
When an application program performs an operation on a destination (e.g. subscribe or publish), and you have enabled permissions in the FTL realm, FTL server will check that the application has permission to perform the requested operation on the specified destination.
When there are overlapping destinations in the configuration, FTL server will check the access control lists of all matching destinations. If any permission to perform the operation is granted for any matching destination, FTL server will allow the operation.
Put another way, the effective access control list for a specific destination is the union of the access control lists for all matching destinations. This allows you to specify broad permissions for more privileged users, and narrow permissions for less privileged users.
For example, if the configuration for foo.* indicates that user Bob is allowed to publish, while the configuration for foo.bar indicates that user Alice is allowed to publish, then:
-
Bob is allowed to publish on
foo.barandfoo.boo. -
Alice is allowed to publish on
foo.barbut not onfoo.boo.