[rabbitmq-discuss] Fine grain access control when using STOMP
rob at rabbitmq.com
Fri Mar 11 14:27:52 GMT 2011
There is no way to restrict user access to particular routing key patterns.
One approach that might approximate this is to use separate topic
exchanges for the topics you want. You can then address these in the
STOMP adapter using /exchange/<topic.exchange.name>/<routing.key>
On 10/03/11 00:12, Nite wrote:
> I am trying to replace my ActiveMQ stomp server with RabbitMQ, but am
> having some trouble replicating the same level of access control that I
> get with ActiveMQ. For example, on ActiveMQ, I can specify:
> <authorizationMap> <authorizationEntries> <authorizationEntry topic=">"
> write="admins" read="admins" admin="admins" /> <authorizationEntry
> topic="foo.>" write="foo" read="foo" admin="foo" />
> </authorizationEntries> </authorizationMap>
> So admins have access to all topics, but the foo user has access to only
> the topics that begin with the words "foo.", e.g. foo.ping
> On rabbitmq, the farthest I can go using rabbitmqctl is:
> *./rabbitmqctl set_permissions foo "amq\.gen.*|amq\.topic$"
> "amq\.gen.*|amq\.topic$" "amq\.gen.*|amq\.topic$"*
> Which restricts the user "foo" to access only the topics exchange. How
> can I further restrict foo's access to topics that begin with foo. ?
> rabbitmq-discuss mailing list
> rabbitmq-discuss at lists.rabbitmq.com
More information about the rabbitmq-discuss