[rabbitmq-discuss] Authorization in RabbitMQ

Ralf Kistner ralf.kistner at gmail.com
Mon Oct 4 14:38:02 BST 2010


I'm have a client that runs on mobile phones, that are sending
messages to my server (via STOMP on RabbitMQ).

I could add a signature to each message, but it could add significant
overhead to the messages. It would also be difficult to notify the
mobile client when its signature is invalid.

So far the best solution seems to be to implement a custom protocol,
with a small application on the server relaying the messages to
RabbitMQ via AMQP.

Ralf

>
> Ralf,
>
> I don't think STOMP adds any auth headers to messages. STOMP is
> basically a very simple protocol, and should remain as simple as possible.
>
> I'm not sure what setup you have, but can you just implement authentication
> inside your application? Maybe a crypto signature that comes with the message?
>
> Cheers,
>  Marek
>


More information about the rabbitmq-discuss mailing list