[rabbitmq-discuss] AMQP security / dealing with Flex subscribers

Joern opendev at gmail.com
Mon Jan 26 10:38:51 GMT 2009


Hi Ben,

2009/1/23 Ben Hood <0x6e6562 at gmail.com>:

> If you published the name of an exchange to the public, you could have
> a security aware consumer process these messages and then forward them
> to the real exchange, which would have an unguessable name that only
> this consumer knows about.

This would work for me. The ACL based access control that was
mentioned recently on the list can be added later to prevent unwanted
operations from the Flash clients. I (wrongly) thought the exchange
name might be discoverable using management operations on the broker.

> BTW this is similar to the capabilities concept I described yesterday
> - did you read the article?

Yes, I read it but apparently only cursorily. The capability concept
seemed to me too abstract then so I failed to connect the dots to my
actual problem.

Best regards,


Joern
--




More information about the rabbitmq-discuss mailing list