[rabbitmq-discuss] Multi vhost access with static LDAP

• Previous message: [rabbitmq-discuss] Multi vhost access with static LDAP
• Next message: [rabbitmq-discuss] Multi vhost access with static LDAP
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 08/10/2013 8:34PM, MyOwnFitness wrote:
> My question is how do i separate the two vhost's in the config file, and
> still maintain access control?
>
> Do i have 2 "vhost_access_query"? but then how do i set the permissions
> for each?
>
> ** Also, all LDAP is 100% static, i cannot add groups or attributes. **

I suspect you can't do this with 3.1.5, if there's no regularity in the 
patterns of username and object, and the information you want isn't in 
LDAP. The next release will support boolean operators in the various 
access queries, which will allow you to combine various queries 
together, one per user to do this.

But it sounds like what you really want is to be able to use LDAP just 
for authentication, and then do authorisation via the built in database. 
Does that sound accurate?

Cheers, Simon

-- 
Simon MacMullen
RabbitMQ, Pivotal

• Previous message: [rabbitmq-discuss] Multi vhost access with static LDAP
• Next message: [rabbitmq-discuss] Multi vhost access with static LDAP
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]