Hi, Prabodh:<br><br><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">For my next phase, I need to integrate with the external system and control<br>
authorization. First thing I need to do is control users from creating<br>
temporary queue with only certain filter criteria. i.e. allow logged in<br>
user to create a queue based on filter key *.warning. This user will not<br>
have permission to create a queue with *.error tag. How can I control that?<br></blockquote><div><br></div><div>To handle such checks you'll have to implement an "authorization backend" by implementing the 'rabbit_auth_backend' Erlang behaviour.</div>
<div><br></div><div>The behaviour in question is pretty simple, exposing only check_user_login/2, check_vhost_access/2 and check_resource_access/2. The last of these three is where you will want to implement your logic for enforcing what operations a user can perform on which resources.</div>
<div><br></div><div>If you want some example code to look at, check out the source for the RabbitMQ broker itself, which implements the above behaviour, with checks against an Mnesia-based database of users and permissions, in the file rabbit_auth_backend_internal.erl; the Mnesia/database stuff there is likely not directly relevant to your application but you can get a sense for the sorts of work you'll need to do to get what you want working.</div>
<div><br></div><div>Best regards,</div><div>Jerry</div><div><br></div></div>