[rabbitmq-discuss] ssl certificate to client lookup

• Previous message: [rabbitmq-discuss] ssl certificate to client lookup
• Next message: [rabbitmq-discuss] ssl certificate to client lookup
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Jun 28, 2010 at 08:10:10AM +0200, Lionel Cons wrote:
> Matthew Sackman <matthew at rabbitmq.com> writes:
> > On Thu, Jun 24, 2010 at 03:13:20PM -0600, Nathaniel Haggard wrote:
> > > It would be nice if rabbitmq set a header in messages with some
> > > metadata from the x509 certificate used to establish the ssl
> > > connection.
> > 
> > Err, why?
> 
> FWIW, we currently rely on this functionality: we use X.509 for
> authetication and we need to track down who sent a given message

Ahh, yes there has been some discussion about this sort of thing
internally too - you're not the only people who want to know from whom a
message came. At the moment, the best I can suggest is to use
permissions to ensure each user can only publish to one exchange - have
an exchange per user. Then, in deliveries, the exchange is indicated,
which means when you receive a message, you can, from its exchange, know
who sent it.

Matthew

• Previous message: [rabbitmq-discuss] ssl certificate to client lookup
• Next message: [rabbitmq-discuss] ssl certificate to client lookup
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]