[rabbitmq-discuss] RPC authenticity relies on routing key?

Robert Raschke rtrlists at googlemail.com
Fri Mar 12 11:51:24 GMT 2010


On Thu, Mar 11, 2010 at 9:03 PM, Nathaniel Haggard <natester at gmail.com>wrote:

> Machine D sends a message to exchange E1 with routing key send_to_A to
> execute a remote procedure call on A.  A replies back using another
> exchange E2 with routing key results_of_A, but A could easily use the
> key results_of_B.  Does rabbitmq have a way of making A only use the
> key results_of_A?
>
> Only D can write to E1.  A, B, C can write to E2.  I suppose A, B, C
> are all different users in the system although that seems overkill.
>
> Is there a better way to make sure the results from an RPC to A are
> really from A and not from B?
>
> I think it would not scale well (in the thousands) if A, B, C each had
> permissions to write to one queue exchanges E2, E3, and E4, but maybe
> that's wrong too.
>
> -Nate
>
>
I use the correlation_id header field to ensure I get the correct result for
a message back. But maybe I'm misunderstanding your question.

I think the Erlang Client has a test example that implements RPC this way.

Robby
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.rabbitmq.com/pipermail/rabbitmq-discuss/attachments/20100312/dcddcf97/attachment.htm 


More information about the rabbitmq-discuss mailing list