Hi, Satyarh...<br><br><div class="gmail_quote">On Wed, Sep 5, 2012 at 10:27 AM, Satyarth Negi <span dir="ltr"><<a href="mailto:snegi@buffalo-studios.com" target="_blank">snegi@buffalo-studios.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><br>I am exploring RabbitMQ for use in our backend infrastructure. I have some backend servers that will publish to RabbitMQ broker. I am trying to look for a good way to authenticate our users. I am inclined towards putting ipchain rules to only allow incoming connections from my authorized servers and block for the rest.<br>
</blockquote><div><br>This is a very reasonable thing to do.� Let your trusted pieces of infrastructure through the firewall to touch the broker, and block others.<br>�</div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
However i am interested to explore what authentication RabbitMQ supports. My publishers create persistent connection with Broker and i will prefer authentication to happen only during connection setup. What are the best practices for my use case ?<br>
</blockquote><div><br>You have a variety of authentication mechanisms including:<br><br><ul><li>The built-in RabbitMQ user database against which one authenticates by presenting a user name or password (such connections and conversations can be encrypted by SSL)</li>
<li>A plugin that allows you to delegate authentication tasks to an LDAP server</li><li>Support for the SASL EXTERNAL, where clients are required to present a client certificate, and the client's identity is determined from that</li>
<li>The ability to write custom authentication (and even authorization) plugins if you want to do something more esoteric; note, that to do this you'll need to write code in Erlang, and learn a bit out how Rabbit's internals, boot process, plugin system, etc., work.<br>
<br></li></ul></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<br>Thanks ! <br>
<br>_______________________________________________<br>
rabbitmq-discuss mailing list<br>
<a href="mailto:rabbitmq-discuss@lists.rabbitmq.com">rabbitmq-discuss@lists.rabbitmq.com</a><br>
<a href="https://lists.rabbitmq.com/cgi-bin/mailman/listinfo/rabbitmq-discuss" target="_blank">https://lists.rabbitmq.com/cgi-bin/mailman/listinfo/rabbitmq-discuss</a><br>
<br></blockquote></div><br>