[rabbitmq-discuss] Custom authentication and authorization

Simon MacMullen simon at rabbitmq.com
Mon Feb 14 10:30:19 GMT 2011

On 14/02/11 07:23, Benjamin Renaud wrote:
> I've started reading on Rabbit MQ's plugin's and the custom auth, but I
> wanted to check with the list before I launched into implementing our
> solution.
> We run RabbitMQ over the public Internet (.NET clients talking to an EC2
> cloud). On subscription, we'd like to run an
> authentication/authorization process, which would query our user server
> for auth/auth via REST. From what I gather, the right way to do this is
> to write a plugin for Rabbit, perhaps starting from an existing plugin
> as a starting point?


You would need to write an implementation of the rabbit_auth_backend 
behaviour. You should look at:

  - the behaviour itself

  - the type signatures for the behaviour

  - the implementation of the built in auth database. Note that you only
    need to look at the code before the comment
    "Manipulation of the user database".

  - alternate implementation using LDAP

You'll need to configure RabbitMQ to use your plugin. Set the 
auth_backends variable for the rabbit application to a list of 
authentication plugins to try in order.

And tell us of your experiences here :)

Cheers, Simon

Simon MacMullen
Staff Engineer, RabbitMQ
SpringSource, a division of VMware

More information about the rabbitmq-discuss mailing list