[rabbitmq-discuss] Authorization in RabbitMQ

Ralf Kistner ralf.kistner at gmail.com
Sun Oct 3 18:18:28 BST 2010

For my application I have many users that need to publish messages.
When processing messages, I need to validate that the user had
permission to perform the requested operations.

I could not find any way for the consumer of the message to determine
the identity of the user that sent the message. Is this possible, or
do I have to send kind of authorization token with every message?

Currently I'm using STOMP for the connection to the clients. An
alternative would be to create some middle layer between the clients
and RabbitMQ. This middle layer could then automatically add
authorization tokens to each message. Any comments on this? Would it
be better to implement this middle layer as a plugin in RabbitMQ, or
as a separate AMQP client?

More information about the rabbitmq-discuss mailing list