Inheritance


This section describes the inheritance of properties and permissions. For more information on wildcards, refer to Wildcards. For more information on properties, refer to Destination Properties. For more information on permissions, refer to Chapter 9, Authentication and Permissions.

Inheritance of Properties

All properties are inheritable for both topics and queues. This means that a property set for a destination is inherited by all destinations with matching names. For example, if topic foo.* is failsafe, then topics foo.bar and foo.bob inherit failsafe from foo.*.

Currently there is no way to make topic foo.* failsafe without making foo.bar failsafe. In other words, the system does not offer the ability to remove inherited properties.

Property inheritance is powerful, but complex to understand and administer. You must plan before assigning properties to topics and queues. Using wildcards to assign properties is a powerful tool, but must be used carefully.

For example, if you enter the following line in the topics configuration file:

> failsafe 

you make every topic failsafe, regardless of additional entries. This might require a great deal of memory for storage and greatly decrease the system performance.

There is one property that is an exception to the rules of inheritance. The maxbytes property has the following rules of inheritance:

  • If there is not a direct property value for the child, the most restrictive (smallest) of the parent or ancestor property values is used.
  • The child value, which is directly assigned to the child, overrides any values assigned to ancestors.

Inheritance of Permissions

Inheritance of permissions is similar to inheritance of properties. If the parent has a permission, then the child inherits that permission. For example, if Bob belongs to GroupA, and GroupA has publish permission on a topic, then Bob has publish permission on that topic.

Permissions for a single user are the union of the permissions set for that user, and of all permissions set for every group in which the user is a member. These permission sets are additive. Permissions have positive boolean inheritance. Once a permission right has been granted through inheritance, it can not be removed.

All rules for wildcards apply to inheritance of permissions. For example, if a user has permission to publish on topic foo.*, the user also has permission to publish on foo.bar and foo.new. For more information on wildcards, refer to Wildcards. For more information on permissions, refer to Chapter 9, Authentication and Permissions.


TIBCO Enterprise Message Service™ User’s Guide
Software Release 4.3, February 2006
Copyright © TIBCO Software Inc. All rights reserved
www.tibco.com