[rabbitmq-discuss] ldap authentication
Nathan
phenisha at gmail.com
Wed Sep 21 01:56:35 BST 2011
On 09/20/2011 10:33 AM, Matthias Radestock wrote:
> On 20/09/11 01:21, Nathan wrote:
>> when i change it back to rabbitmq_auth_backend_internal
>> none of my local users can authenticate?
>
> That needs to be rabbit_auth_backend_internal, no "mq". That rule
> generally applies to the contents of auth_backends, since it refers to
> Erlang modules, which we usually name rabbit_*, whereas our Erlang
> applications (and hence config settings) are usually named rabbitmq_*.
> Except for the rabbit application, which is just called 'rabbit'.
> Confused yet?
>
> Matthias.
Ok now I have local auth back, thanks (and for the record I am confused)!
My current config looks like the following
[
{rabbitmq_stomp, [{tcp_listeners, [6163]} ]},
{rabbit, [{auth_backends, [rabbit_auth_backend_internal,
rabbitmq_auth_backend_ldap]}] },
{rabbitmq_auth_backend_ldap,
[ {servers, ["ldap.zozee.com"]},
{user_dn_pattern, "uid=${username},ou=people,dc=zozee,dc=com"},
{vhost_access_query,
{exists,"ou=${vhost},ou=people,dc=zozee,dc=com"}},
{resource_access_query,
{for, [{resource, exchange,{for, [{permission, configure,
{ in_group,
"cn=zozee,ou=groups,dc=zozee,dc=com" }
},
{permission, write, {constant,
true}},
{permission, read, {constant,
true}}
]}},
{resource, queue, {constant, true}} ]}},
{tag_queries, [{administrator, {constant, false}}]},
{use_ssl, false},
{port, 389},
{log, true} ] }
].
How ever I am still seeing errors in the log, as follows
=INFO REPORT==== 21-Sep-2011::10:54:01 ===
accepted TCP connection on [::]:5672 from 172.16.0.51:40465
=INFO REPORT==== 21-Sep-2011::10:54:01 ===
starting TCP connection <0.1343.0> from 172.16.0.51:40465
=ERROR REPORT==== 21-Sep-2011::10:54:04 ===
exception on TCP connection <0.1343.0> from 172.16.0.51:40465
{channel0_error,starting,
{error,undef,'connection.start_ok',
[{rabbitmq_auth_backend_ldap,check_user_login,
[<<"testguy">>,[{password,<<"testldappw">>}]]},
{rabbit_access_control,'-check_user_login/2-fun-0-',4},
{lists,foldl,3},
{rabbit_reader,auth_phase,2},
{rabbit_reader,handle_method0,3},
{rabbit_reader,handle_input,3},
{rabbit_reader,recvloop,2},
{rabbit_reader,start_connection,7}]}}
=INFO REPORT==== 21-Sep-2011::10:54:04 ===
closing TCP connection <0.1343.0> from 172.16.0.51:40465
Now, it looks like that it is trying to use the ldap module however i
can not see any
connections on my ldap server from the rabbitmq server.
More information about the rabbitmq-discuss
mailing list