[rabbitmq-discuss] RabbitMQ ACL suggestions?

Jason J. W. Williams jasonjwwilliams at gmail.com
Wed Jul 6 20:39:13 BST 2011

On Wed, Jul 6, 2011 at 3:51 AM, Simon MacMullen <simon at rabbitmq.com> wrote:

> On 06/07/11 01:28, Jason J. W. Williams wrote:
>> What form will this take? Is it going to be a new flag, or will API
>> access no longer required the "admin" flag?
> API access never required the admin flag in =< 2.5.1, just that non-admins
> can only see their own stuff, and can't see broker-wide info at all.

Ah OK. Thanks for the clarification.

> The admin flag has been replaced by a "tags" field for users. Users can be
> given arbitrary tags within rabbitmq-server. rabbitmq-management then checks
> for the following tags:
> "administrator" (do everything, same as admin before)
> "monitoring" (look at everything, but only touch your own stuff)
> "management" (limited access to mgmt, same as non-admin before)
> Note also that by giving a user no tags you can lock them out of mgmt
> completely. This would be useful if (for example) you use secret queue names
> as capabilities.
This is very cool.

>  Also, any idea on the rev #?
>  <https://lists.rabbitmq.com/cgi-bin/mailman/listinfo/rabbitmq-discuss>

OK, I'll keep an eye out for it in the next release. Updating the book's
chapter about the API. Thank you very much for your help.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rabbitmq.com/pipermail/rabbitmq-discuss/attachments/20110706/d3311cd8/attachment.htm>

More information about the rabbitmq-discuss mailing list