[rabbitmq-discuss] user access permmisions

Andrius Norkaitis Andrius.Norkaitis at oryo.lt
Fri Dec 5 09:48:21 GMT 2008


Thank you, Ben.

So there is just a simple access or deny on the vhost.

In my situation (insecure communication in internet cloud) I would need to
sign every message, so subscriber would know if content is tampered and who
is original sender.
I wish to have more grained security control provided by rabbit or event
ability to plug own security provider in the future releases.

Best regards,
Andrius


-----Original Message-----
From: Ben Hood [mailto:0x6e6562 at gmail.com] 
Sent: 2008.12.05 10:48
To: Andrius Norkaitis
Cc: rabbitmq-discuss at lists.rabbitmq.com
Subject: Re: [rabbitmq-discuss] user access permmisions

Andrius,

On Fri, Dec 5, 2008 at 7:44 AM, Andrius Norkaitis
<Andrius.Norkaitis at oryo.lt> wrote:
> Could you provide link or information what user permissions flags means.

These were access flags you can set with realms, but realms have
subsequently been removed from AMQP.

There are quite a few threads on this topic, e.g.:

http://lists.rabbitmq.com/pipermail/rabbitmq-discuss/2008-September/001896.h
tml

If you search for realms, access control or ACL on this list, you will
find a lot of information.

> I want to allow user ("subscriber") to create named query, bind it to
> exchange to read messages only.

This is not possible because vhost access control, the only access
restriction available ATM, is too coarse grained.

Again, there are many discussions on how to improve this :-)

HTH,

Ben





More information about the rabbitmq-discuss mailing list