[rabbitmq-discuss] Access rights with rabbit_auth_backend_ldap plugin

Simon MacMullen simon at rabbitmq.com
Thu Oct 20 17:20:22 BST 2011


Hi Olivier.

At the moment there's no support for regular expressions in the LDAP 
plugin. This might get added in the future though; I'm looking into how 
the existing queries could be enhanced.

At the moment the sort of thing you can do is to use an in_group query 
and have a groupOfNames per object you want to control access to - but 
there's no pattern matching.

If you could describe on or off list how your LDAP database is 
structured and what you're trying to do, that would be a help.

Cheers, Simon

On 20/10/11 14:48, GEHIN Olivier wrote:
> Hello,
>
> I have well configurate the rabbit_auth_backend_ldap plugin with my LDAP
> directory and the connexion works.
>
> Now, I would limit access for a user to write access for a specific
> exchange and read access for a specific queue.
>
> With internal database, we could use regular expression to define access
> rights for a user.
>
> Can we define similar access rights with this plugin?
>
> Best regards,
>
> Olivier
>
> ------------------------------------------------------------------------
>
> Ce message et les pièces jointes sont confidentiels et réservés à
> l'usage exclusif de ses destinataires. Il peut également être protégé
> par le secret professionnel. Si vous recevez ce message par erreur,
> merci d'en avertir immédiatement l'expéditeur et de le détruire.
> L'intégrité du message ne pouvant être assurée sur Internet, la
> responsabilité du groupe Atos ne pourra être engagée quant au contenu de
> ce message. Bien que les meilleurs efforts soient faits pour maintenir
> cette transmission exempte de tout virus, l'expéditeur ne donne aucune
> garantie à cet égard et sa responsabilité ne saurait être engagée pour
> tout dommage résultant d'un virus transmis.
>
> This e-mail and the documents attached are confidential and intended
> solely for the addressee; it may also be privileged. If you receive this
> e-mail in error, please notify the sender immediately and destroy it. As
> its integrity cannot be secured on the Internet, the Atos group
> liability cannot be triggered for the message content. Although the
> sender endeavors to maintain a computer virus-free network, the sender
> does not warrant that this transmission is virus-free and will not be
> liable for any damages resulting from any virus transmitted.
>
>
>
> _______________________________________________
> rabbitmq-discuss mailing list
> rabbitmq-discuss at lists.rabbitmq.com
> https://lists.rabbitmq.com/cgi-bin/mailman/listinfo/rabbitmq-discuss


-- 
Simon MacMullen
RabbitMQ, VMware


More information about the rabbitmq-discuss mailing list