0 Replies Latest reply: Aug 7, 2013 7:48 PM by 0be072be-755c-46ad-b6b3-5f6637b2a659 RSS

    How to connect 2 domains using application-level ACLs?


      I have the next configuration:


      Domain 1 and 2 have:





      Dominio 3 has none and none in both files.


      Service TOLOWER is imported by domain 1 from domain 2 and domain 3

      Service TOUPPER is imported by domain 2 and 3 from domain 1


      When I shutdown domain 2 (which have app-level security: ACL) and run client in domain 1, everything works perfect. Request is routed to domain 3 and it's processed successfully.


      But when I shutdown domain 3, boot domain 2 and run client in domain 1, I get the error (in domain 2): WARN: Access control violation - user 131071 on simple tried to access SERVICE TOLOWER.


      How do I export services from domains using ACLs? In my tests I realized that acls defined in the dmconfig file have nothing to do with acls created with the tpacladd command. I tried to create user 131071 in domain 2 but it didn't work either.