[rabbitmq-discuss] ldap authentication
Nathan
phenisha at gmail.com
Mon Sep 19 07:10:38 BST 2011
Hello,
I am experimenting with rabbitmq and ldap authentication plugin.
Below is my current /etc/rabbitmq/rabbitmq.config:
What I am trying to achieve is that users in ldap group zozee can
publish and subscribe
to queues.
[
{rabbitmq_stomp, [{tcp_listeners, [6163]} ]},
{rabbit, [{auth_backends, [rabbit_auth_backend_ldap]}] },
{rabbit_auth_backend_ldap,
[ {servers, ["ldap.zozee.com"]},
{user_dn_pattern, "uid=${username},ou=people,dc=zozee,dc=com"},
{vhost_access_query,
{exists,"ou=${vhost},ou=people,dc=zozee,dc=com"}},
{resource_access_query,
{for, [{resource, exchange,{for, [{permission, configure,
{ in_group,
"cn=zozee,ou=groups,dc=zozee,dc=com" }
},
{permission, write, {constant,
true}},
{permission, read, {constant,
true}}
]}},
{resource, queue, {constant, true}} ]}},
{tag_queries, [{administrator, {constant, false}}]},
{use_ssl, true},
{port, 636},
{log, false} ] }
].
when I try to publish work with a queue i get the following
errors
=ERROR REPORT==== 19-Sep-2011::15:54:21 ===
exception on TCP connection <0.362.0> from 172.16.0.51:37261
{channel0_error,starting,
{amqp_error,access_refused,
"PLAIN login refused:
cn=guest,ou=People,dc=example,dc=com",
'connection.start_ok'}}
so it looks like rabbitmq is not reading my config file correctly as is
looking at example.com in ldap??
any help will be appreciated
Thanks
Nathan
also below is my rabbitmqctl command
copernicium:~# rabbitmqctl report
Reporting server status on {{2011,9,19},{6,7,46}}
Status of node rabbit at copernicium ...
[{pid,2316},
{running_applications,
[{amqp_client,"RabbitMQ AMQP Client","2.6.1"},
{rabbitmq_stomp,"Embedded Rabbit Stomp Adapter","2.6.1"},
{rabbit,"RabbitMQ","2.6.1"},
{mnesia,"MNESIA CXC 138 12","4.4.19"},
{os_mon,"CPO CXC 138 46","2.2.6"},
{sasl,"SASL CXC 138 11","2.1.9.4"},
{rabbitmq_auth_backend_ldap,"RabbitMQ LDAP Authentication Backend",
"2.6.1"},
{eldap,"LDAP Client Library","2.6.1-gite309de4"},
{stdlib,"ERTS CXC 138 10","1.17.4"},
{kernel,"ERTS CXC 138 10","2.14.4"}]},
{os,{unix,linux}},
{erlang_version,
"Erlang R14B03 (erts-5.8.4) [source] [64-bit] [smp:16:16] [rq:16]
[async-threads:30] [kernel-poll:true]\n"},
{memory,
[{total,26838928},
{processes,10152320},
{processes_used,10139488},
{system,16686608},
{atom,1200153},
{atom_used,1177465},
{binary,74616},
{code,11876398},
{ets,821120}]}]
Cluster status of node rabbit at copernicium ...
[{nodes,[{disc,[rabbit at copernicium]}]},{running_nodes,[rabbit at copernicium]}]
Application environment of node rabbit at copernicium ...
[{auth_backends,[rabbit_auth_backend_ldap]},
{auth_mechanisms,['PLAIN','AMQPLAIN']},
{backing_queue_module,rabbit_variable_queue},
{cluster_nodes,[]},
{collect_statistics,none},
{collect_statistics_interval,5000},
{default_permissions,[<<".*">>,<<".*">>,<<".*">>]},
{default_user,<<"guest">>},
{default_user_tags,[administrator]},
{default_vhost,<<"/">>},
{delegate_count,16},
{frame_max,131072},
{included_applications,[]},
{msg_store_file_size_limit,16777216},
{msg_store_index_module,rabbit_msg_store_ets_index},
{queue_index_max_journal_entries,262144},
{server_properties,[]},
{ssl_listeners,[]},
{ssl_options,[]},
{tcp_listen_options,[binary,
{packet,raw},
{reuseaddr,true},
{backlog,128},
{nodelay,true},
{exit_on_close,false}]},
{tcp_listeners,[5672]},
{trace_vhosts,[]},
{vm_memory_high_watermark,0.4}]
Connections:
Channels:
Queues on /:
Exchanges on /:
name type durable auto_delete internal arguments
amq.direct direct true false false []
amq.topic topic true false false []
amq.rabbitmq.trace topic true false false []
amq.rabbitmq.log topic true false false []
amq.fanout fanout true false false []
amq.headers headers true false false []
direct true false false []
amq.match headers true false false []
Bindings on /:
Consumers on /:
Permissions on /:
user configure write read
mcollective ^amq.gen-.* .* .*
testguy .* .* .*
End of server status report
...done.
copernicium:~#
More information about the rabbitmq-discuss
mailing list