[rabbitmq-discuss] AMQP authentication with RabbitMQ

Darien Kindlund darien at kindlund.com
Wed Jul 8 18:04:17 BST 2009

Hi Laurens,

I'm not an OpenSSL nor RabbitMQ expert, but I got the impression that
stunnel (which uses OpenSSL) somehow populates certificate information
after the connection is established via environment variables.  See
this URL for more information about the types of environment variables

Again, I'm not sure if 'mod_ssl' had to do anything with OpenSSL in
order to expose these variables to apache, but I'm guessing it _can_
be done with stunnel.

Hope this helps,
-- Darien

On Wed, Jul 8, 2009 at 12:57 PM, Laurens Van Houtven<lvh at laurensvh.be> wrote:
> Hash: SHA1
> Hi :-)
> I'm wondering about encryption and authentication within AMQP (using RabbitMQ).
> I'm porting existing code that did not have a messaging component.
> This code used per-client (in AMQP these would be producers)
> pre-shared certificates to do authentication. The problem in porting
> it (as I see it at least), is that with RabbitMQ+stunnel, the servers
> (= AMQP consumers) never get to see the SSL'ed data coming from the
> clients, so they cannot see the client certificate, so I can't use it
> to do authentication.
> I'm trying to find a solution to this problem. I'd like to keep using
> SSL, but just using SSL with pre-shared certificates only guarantees
> my consumers that the producer is *a* known user -- my consumers don't
> know *who* the producer is. For example, given two registered users
> (with pre shared SSL certs) Alice and Mallory (the latter being up to
> no good), I want to prevent that Mallory logs in with his SSL cert and
> his username, but then pretends to be Alice in the actual message
> contents.
> I'm not yet intricately familiar with the way RabbitMQ ACL's work, but
> I think that it could be solved by using SSL (with stunnel), together
> with a username and a password, and then have one vhost per user and
> per consumer role. I'm not entirely sure how well RabbitMQ is designed
> to scale as the number of vhosts increase, since this would result in
> N*M queues (with M the number of services and N the number of uesrs).
> Also, I think this means I also need one queue per user and per
> service, since otherwise my consumers still don't know anything about
> the user identity. I think this (unfortunately) means that my
> consumers will need to be reconfigured every time a new user is added,
> which obviously sucks pretty bad.
> Am I better off putting authentication in my message contents?
> Thanks in advance
> Laurens
> Version: GnuPG v1.4.9 (GNU/Linux)
> Comment: Use GnuPG with Firefox : http://getfiregpg.org (Version: 0.7.6)
> iEYEARECAAYFAkpUz+4ACgkQT5v5zGkvKT7VjQCfRxz/PD00FieuaEhQ3aAsjOFB
> zyYAoLwdWb8pd34zaHCldzGUFnrD70yh
> =wttN
> _______________________________________________
> rabbitmq-discuss mailing list
> rabbitmq-discuss at lists.rabbitmq.com
> http://lists.rabbitmq.com/cgi-bin/mailman/listinfo/rabbitmq-discuss

More information about the rabbitmq-discuss mailing list