[rabbitmq-discuss] Read-only access to STOMP topic

Clay McClure clay at sseband.com
Wed May 16 22:50:34 BST 2012


Howdy,

I would like to grant a user read-only access to a STOMP topic, while
granting another user read-write access to that same topic. In this
way, I can be assured that topic subscribers cannot also post messages
to the topic. I've tried using the following permissions:

    rabbitmqctl set_permissions read-only-user '.*' '^$' '.*'
    rabbitmqctl set_permissions read-write-user '.*' '.*' '.*'

which would, in my view, prevent the read-only-user from writing to
any topic. However, it seems that write permission is required to bind
to an exchange (http://www.rabbitmq.com/access-control.html), so when
the read-only-user tries to SUBSCRIBE to the topic, we get:

    ACCESS_REFUSED - access to queue 'amq.gen-JUCwAsef2r336/
uzsYwAmA==' in vhost '/' refused for user 'read-only-user'

How can I grant read-only access to the topic?

Thanks,

Clay


More information about the rabbitmq-discuss mailing list