[rabbitmq-discuss] Advanced per-user authorization

[Jonas Schwertfeger]

Hi there,

I'm working on an application where untrusted clients connect to RabbitMQ 
as consumers in a pub/sub scheme. Clients can connect either as anonymous 
guests or as registered users via username/password.

I have a backend that acts as a producer. The producer publishes two types 
of messages:

1) Public messages with information that every client should be able to 
consume by binding their queues to the relevant topic exchange and routing 
key.

2) Private messages that are targeted at specific users (each message is 
targeted at one particular user). Clients should only be able to consume 
messages targeted at the user with which they connected.

My question now is, how to best enforce this authorization scheme. It 
doesn't seem like RabbitMQ supports authorization based on routing keys but 
only on vhosts, exchanges and queues.

They way I would solve this is by having the producer create a topic 
exchange per user and only give that particular user the right to bind its 
queues against it. Private messages would be published to the target user's 
topic exchange while public messages would be published to amq.topic.

Is this secure or am I missing something?

How light-weight are exchanges in RabbitMQ? What dose the memory and 
computational complexity look like if there are N exchanges? O(1) or worse?

We are not talking about a few hundred users but hundreds of thousands, if 
not millions, of users - and hence millions of exchanges.

-Jonas
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rabbitmq.com/pipermail/rabbitmq-discuss/attachments/20121121/df95ddb6/attachment.htm>