[rabbitmq-discuss] Configuring Users

Jerry Kuch jerryk at vmware.com
Fri Mar 9 21:40:29 GMT 2012 

Hi, Paul... answers inline:

> But let me make sure I understand: user names and passwords are NOT in 
> rabbitmq.config; for Windows, rabbitmq.config will be in %APPDATA%\RabbitMQ\.

By default, that shoudl be the case, yes.

> I see no rabbitmq.config in %APPDATA%\RabbitMQ\. I can only conclude from this that > its presence is not required if all default configuration values are in effect (my case, I > think).

Rabbit can live without a file there.  If you enable RABBITMQ_CONSOLE_LOG as per this page:

http://www.rabbitmq.com/configure.html

you can look at the RabbitMQ startup blurb.  It will print a line prefaced with "config file(s):" that will tell you what, if any config files it used when starting up.  See the "Verify Configuration" of the above page for details.

> Here's what's behind my question: I am thinking about the use of site-specific
> passwords, i.e., I don't want to ship a product to multiple customers and have these
> multiple instances of Rabbit share a common password for a fixed username.

Sounds very reasonable.

> Let's suppose that I have a means of generating, encrypting, and saving to disk a
> site-specific password for this fixed Rabbit user (maybe the username, common to all > installations, is "syncsortRabbit" - whatever). Rabbit login code would then have 
> to read
> the password from disk, decrypt it, and then convey it via
> connectionFactory.setPassword().

And also of course get an appropriate user created in the broker with known name and matching password, but yes indeed.

> From another perspective, I cannot distribute a product whose Rabbit component has a > pre-configured user all of whose passwords are identical. That is, each copy can have > user "syncsortRabbit" and each can have an initial fixed password, but I would need a > way to change that password to make it site-specific.
>
> Perhaps, after generating a site-specific password, I could accomplish this via
> rabbitmqctl add_user.....?

You absolutely could do that.   Details depend on how you're distributing Rabbit and how you're doing the per-user customization.  You could imagine giving your customers a run-once, initial provisioning scripts that creates users/passwords that your system needs for example.

Best regards,
Jerry

More information about the rabbitmq-discuss mailing list