[rabbitmq-discuss] How to deal with untrusted publishers

• Previous message: [rabbitmq-discuss] How to deal with untrusted publishers
• Next message: [rabbitmq-discuss] Monitoring Rabbit MQ deadletter queue and queue counts / rates
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 13 Feb 2014, at 06:21, Michael Giagnocavo <mgg at giagnocavo.net> wrote:

> What about in general, if the client isn't trusted? Is the RabbitMQ threat model designed to encompass malicious clients?

RabbitMQ has a pretty fine grained permissions model,
has mandatory authentication and supports TLS.

http://www.rabbitmq.com/access-control.html
http://www.rabbitmq.com/ssl.html

in the case of a rogue publisher that has
authenticated, eventually all connections that publish messages
will be blocked. There are multiple strategies to avoid this.

http://www.rabbitmq.com/memory.html
http://www.rabbitmq.com/blog/2014/01/23/preventing-unbounded-buffers-with-rabbitmq/

HTH.

MK

Software Engineer, Pivotal/RabbitMQ

• Previous message: [rabbitmq-discuss] How to deal with untrusted publishers
• Next message: [rabbitmq-discuss] Monitoring Rabbit MQ deadletter queue and queue counts / rates
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]