[rabbitmq-discuss] RPC authenticity relies on routing key?
rtrlists at googlemail.com
Fri Mar 12 11:51:24 GMT 2010
On Thu, Mar 11, 2010 at 9:03 PM, Nathaniel Haggard <natester at gmail.com>wrote:
> Machine D sends a message to exchange E1 with routing key send_to_A to
> execute a remote procedure call on A. A replies back using another
> exchange E2 with routing key results_of_A, but A could easily use the
> key results_of_B. Does rabbitmq have a way of making A only use the
> key results_of_A?
> Only D can write to E1. A, B, C can write to E2. I suppose A, B, C
> are all different users in the system although that seems overkill.
> Is there a better way to make sure the results from an RPC to A are
> really from A and not from B?
> I think it would not scale well (in the thousands) if A, B, C each had
> permissions to write to one queue exchanges E2, E3, and E4, but maybe
> that's wrong too.
I use the correlation_id header field to ensure I get the correct result for
a message back. But maybe I'm misunderstanding your question.
I think the Erlang Client has a test example that implements RPC this way.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the rabbitmq-discuss