[rabbitmq-discuss] RabbitMQ Federation & SSL

Eric Cozzi n16483 at cray.com
Wed May 29 15:53:36 BST 2013


Matthias,

Sorry for the delay in responding.

I have the LDAP auth plugin logging at Network level. There are no 
additional log statements that are being output. I've also confirmed 
that the user exists in my LDAP. So, I'm not sure why it couldn't find 
the user, unless it's not looking for the correct username. It should be 
using the CN from the SSL certificate as the username, which in this 
case should be either ecozzi-02 or ecozzi-03.

Erlang version is:
ecozzi-01:/home/ecozzi # cat /usr/lib64/erlang/releases/RELEASES
[{release,"OTP  APN 181 01","R15B02","5.9.2",
           [{kernel,"2.15.2","/usr/lib64/erlang/lib/kernel-2.15.2"},
            {stdlib,"1.18.2","/usr/lib64/erlang/lib/stdlib-1.18.2"},
            {sasl,"2.2.1","/usr/lib64/erlang/lib/sasl-2.2.1"}],
           permanent}].

Rabbit Version:
ecozzi-01:/home/ecozzi # rabbitmqctl status
Status of node 'rabbit at ecozzi-01' ...
[{pid,3800},
  {running_applications,
      [{rabbitmq_federation_management,"RabbitMQ Federation Management",
           "3.0.1"},
       {rabbitmq_management,"RabbitMQ Management Console","3.0.1"},
       {rabbitmq_federation,"RabbitMQ Federation","3.0.1"},
       {rabbitmq_auth_backend_ldap,"RabbitMQ LDAP Authentication Backend",
           "3.0.1"},
       {rabbitmq_management_agent,"RabbitMQ Management Agent","3.0.1"},
       {rabbit,"RabbitMQ","3.0.1"},
       {ssl,"Erlang/OTP SSL application","5.1"},
       {public_key,"Public key infrastructure","0.16"},
       {crypto,"CRYPTO version 2","2.2"},
       {os_mon,"CPO  CXC 138 46","2.2.10"},
       {rabbitmq_auth_mechanism_ssl,
           "RabbitMQ SSL authentication (SASL EXTERNAL)","3.0.1"},
       {rabbitmq_mochiweb,"RabbitMQ Mochiweb Embedding","3.0.1"},
       {webmachine,"webmachine","1.9.1-rmq3.0.1-git52e62bc"},
       {mochiweb,"MochiMedia Web Server","2.3.1-rmq3.0.1-gitd541e9a"},
       {xmerl,"XML parser","1.3.2"},
       {inets,"INETS  CXC 138 49","5.9.1"},
       {mnesia,"MNESIA  CXC 138 12","4.7.1"},
       {eldap,"Ldap api","1.0"},
       {amqp_client,"RabbitMQ AMQP Client","3.0.1"},
       {sasl,"SASL  CXC 138 11","2.2.1"},
       {stdlib,"ERTS  CXC 138 10","1.18.2"},
       {kernel,"ERTS  CXC 138 10","2.15.2"}]},
  {os,{unix,linux}},
  {erlang_version,
      "Erlang R15B02 (erts-5.9.2) [source] [64-bit] [smp:2:2] 
[async-threads:30] [hipe] [kernel-poll:true]\n"},
  {memory,
      [{total,37603792},
       {connection_procs,162600},
       {queue_procs,235552},
       {plugins,377592},
       {other_proc,10276868},
       {mnesia,94464},
       {mgmt_db,84936},
       {msg_index,32576},
       {other_ets,1236360},
       {binary,306624},
       {code,20204649},
       {atom,760729},
       {other_system,3830842}]},
  {vm_memory_high_watermark,0.4},
  {vm_memory_limit,205919027},
  {disk_free_limit,1000000000},
  {disk_free,0},
  {file_descriptors,
      
[{total_limit,924},{total_used,16},{sockets_limit,829},{sockets_used,4}]},
  {processes,[{limit,1048576},{used,249}]},
  {run_queue,0},
  {uptime,406985}]
...done.

On 05/25/2013 03:56 PM, Matthias Radestock wrote:
> Eric,
>
> On 24/05/13 22:55, Eric Cozzi wrote:
>>                   {{badarg,{error,noSuchObject}},
>> [{rabbit_access_control,'-check_vhost_access/2-fun-0-',3,[]},
>>                     {rabbit_access_control,check_access,5,[]},
>
> That indicates that your LDAP auth backend returned a 'noSuchObject' 
> error when performing the vhost access check for the user.
>
> I suggest you enable logging in the LDAP auth plug-in to track down 
> the cause.
>
> However, the error really should be handled more gracefully by rabbit, 
> and I am at a loss why it's producing such a stack trace. What 
> versions of RabbitMQ and Erlang are you running and how did you 
> install rabbit (e.g. from a package, compiled from source, etc)?
>
> Matthias.
>


More information about the rabbitmq-discuss mailing list