[rabbitmq-discuss] Message routing

• Previous message: [rabbitmq-discuss] Message routing
• Next message: [rabbitmq-discuss] Message routing
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Martin Sustrik wrote:
> When client calls and requests access to some service the only thing you 
> have to do is to grant him necessary privileges to bind to the specific 
> exchange. I don't know how this can be done using RabbitMQ. *Question 
> for RabbitMQ team!*

Exchanges and queues belong to realms. Realms can be created using the 
rabbitmqctl admin tool - see 
http://www.rabbitmq.com/admin-guide.html#add_realm. The realm of an 
exchange/queue is determined at the time of their creation.

Publishing to an exchange requires the user to have 'write' access to 
the exchange's realm. This can be granted with the rabbitmqctl admin 
tool - see http://www.rabbitmq.com/admin-guide.html#set_permissions.

So far so good.

However, binding a queue to an exchange requires the user to have 
'active' access to the *queue*'s realm. The AMQP 0-8 spec says nothing 
about the exchange's realm in this context.

So there doesn't appear to be a way to restrict queue-exchange bindings.

Also, the concept of realms is being revamped/removed(?) in AMQP 0-10.


Matthias.

• Previous message: [rabbitmq-discuss] Message routing
• Next message: [rabbitmq-discuss] Message routing
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]