[rabbitmq-discuss] RabbitMQ ACL suggestions?

• Previous message: [rabbitmq-discuss] RabbitMQ ACL suggestions?
• Next message: [rabbitmq-discuss] check if queue is empty?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Jul 6, 2011 at 3:51 AM, Simon MacMullen <simon at rabbitmq.com> wrote:

> On 06/07/11 01:28, Jason J. W. Williams wrote:
>
>> What form will this take? Is it going to be a new flag, or will API
>> access no longer required the "admin" flag?
>>
>
> API access never required the admin flag in =< 2.5.1, just that non-admins
> can only see their own stuff, and can't see broker-wide info at all.
>

Ah OK. Thanks for the clarification.


>
> The admin flag has been replaced by a "tags" field for users. Users can be
> given arbitrary tags within rabbitmq-server. rabbitmq-management then checks
> for the following tags:
>
> "administrator" (do everything, same as admin before)
> "monitoring" (look at everything, but only touch your own stuff)
> "management" (limited access to mgmt, same as non-admin before)
>
> Note also that by giving a user no tags you can lock them out of mgmt
> completely. This would be useful if (for example) you use secret queue names
> as capabilities.
>
>
This is very cool.


>
>  Also, any idea on the rev #?
>>
>  <https://lists.rabbitmq.com/cgi-bin/mailman/listinfo/rabbitmq-discuss>
>

OK, I'll keep an eye out for it in the next release. Updating the book's
chapter about the API. Thank you very much for your help.

-J
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rabbitmq.com/pipermail/rabbitmq-discuss/attachments/20110706/d3311cd8/attachment.htm>

• Previous message: [rabbitmq-discuss] RabbitMQ ACL suggestions?
• Next message: [rabbitmq-discuss] check if queue is empty?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]