[rabbitmq-discuss] ldap authentication

Nathan phenisha at gmail.com
Wed Sep 21 01:56:35 BST 2011


On 09/20/2011 10:33 AM, Matthias Radestock wrote:
> On 20/09/11 01:21, Nathan wrote:
>> when i change it back to rabbitmq_auth_backend_internal
>> none of my local users can authenticate?
>
> That needs to be rabbit_auth_backend_internal, no "mq". That rule 
> generally applies to the contents of auth_backends, since it refers to 
> Erlang modules, which we usually name rabbit_*, whereas our Erlang 
> applications (and hence config settings) are usually named rabbitmq_*. 
> Except for the rabbit application, which is just called 'rabbit'. 
> Confused yet?
>
> Matthias.

Ok now I have local auth back, thanks (and for the record I am confused)!

My current config looks like the following

[
  {rabbitmq_stomp, [{tcp_listeners, [6163]} ]},
  {rabbit, [{auth_backends, [rabbit_auth_backend_internal,  
rabbitmq_auth_backend_ldap]}]  },
  {rabbitmq_auth_backend_ldap,
   [ {servers,               ["ldap.zozee.com"]},
     {user_dn_pattern,       "uid=${username},ou=people,dc=zozee,dc=com"},
     {vhost_access_query,    
{exists,"ou=${vhost},ou=people,dc=zozee,dc=com"}},
     {resource_access_query,
       {for, [{resource, exchange,{for, [{permission, configure,
                                          { in_group, 
"cn=zozee,ou=groups,dc=zozee,dc=com" }
                                         },
                                         {permission, write, {constant, 
true}},
                                         {permission, read,  {constant, 
true}}
                                        ]}},
              {resource, queue, {constant, true}} ]}},
       {tag_queries,           [{administrator, {constant, false}}]},
       {use_ssl,               false},
       {port,                  389},
       {log,                   true} ] }
].


How ever I am still seeing errors in the log, as follows


=INFO REPORT==== 21-Sep-2011::10:54:01 ===
accepted TCP connection on [::]:5672 from 172.16.0.51:40465

=INFO REPORT==== 21-Sep-2011::10:54:01 ===
starting TCP connection <0.1343.0> from 172.16.0.51:40465

=ERROR REPORT==== 21-Sep-2011::10:54:04 ===
exception on TCP connection <0.1343.0> from 172.16.0.51:40465
{channel0_error,starting,
     {error,undef,'connection.start_ok',
         [{rabbitmq_auth_backend_ldap,check_user_login,
              [<<"testguy">>,[{password,<<"testldappw">>}]]},
          {rabbit_access_control,'-check_user_login/2-fun-0-',4},
          {lists,foldl,3},
          {rabbit_reader,auth_phase,2},
          {rabbit_reader,handle_method0,3},
          {rabbit_reader,handle_input,3},
          {rabbit_reader,recvloop,2},
          {rabbit_reader,start_connection,7}]}}

=INFO REPORT==== 21-Sep-2011::10:54:04 ===
closing TCP connection <0.1343.0> from 172.16.0.51:40465


Now, it looks like that it is trying to use the ldap module however i 
can not see any
connections on my ldap server from the rabbitmq server.


More information about the rabbitmq-discuss mailing list