[rabbitmq-discuss] rabbit_auth_backend_ldap connect failed

SAG - Jonathan Andrés jandres at omie.es
Thu Aug 22 11:05:14 BST 2013


Thank you again.

I think I can't use the LDAP Plugin then. I need to do a search in the LDAP to find the user, I can't authenticate the user directly in the LDAP. This is no good news for me.

I have another problem creating a new user by the HTTP API, but I'll open a new question.

Thank you very much!







-----Mensaje original-----
De: Simon MacMullen [mailto:simon at rabbitmq.com] 
Enviado el: jueves, 22 de agosto de 2013 11:06
Para: Discussions about RabbitMQ
CC: SAG - Jonathan Andrés
Asunto: Re: [rabbitmq-discuss] rabbit_auth_backend_ldap connect failed

On 22/08/2013 9:41AM, SAG - Jonathan Andrés wrote:
> Thank you very much!
>
> Now I can see the logs of the LDAP Plugin. But I think this directive 
> is not working:
>
> {other_bind, {"UserXXX", "PassXXX"}},

 From http://www.rabbitmq.com/ldap.html:

"For authentication this plugin binds to the LDAP server as the user it is trying to authenticate. This option controls how to bind for authorisation queries, and to retrieve the details of a user who is logging in without presenting a password (e.g. SASL EXTERNAL)."

So other_bind is only used after authenticating the user. Looking at the documentation for mod_auth_ldap it looks like the Apache module does a search using the configured username before attempting to bind using the provided username. The RabbitMQ plugin doesn't do that.

> And I have another question: Once the producer and the consumer are 
> authenticated, can the consumer know who sent the message?

See: http://www.rabbitmq.com/validated-user-id.html

Cheers, Simon

--
Simon MacMullen
RabbitMQ, Pivotal


More information about the rabbitmq-discuss mailing list