[rabbitmq-discuss] How to grant only read access to a specific STOMP queue?
joshua__lim
joshua__lim at hotmail.com
Sat Feb 22 16:35:53 GMT 2014
Michael Klishin-2 wrote
> On 21 Feb 2014, at 07:09, Joshua Lim <
> joshua__lim@
> > wrote:
>
>> Is there a way to grant a user read permission to only a specific queue?
>> I would greatly appreciate any pointers.
>
> From rabbitmqctl help:
>
> set_permissions [-p
> <vhostpath>
> ]
> <user>
>
> <conf>
>
> <write>
>
> <read>
> So, using your example
>
> rabbitmqctl set_permissions guest ".*” ".*” "testqueue".
>
> MK
Hi Michael, thanks. I did a retest again, it appears that I'm able to read
from "testqueue" even if <write> is set to "^$”.
rabbitmqctl set_permissions guest ".*" "^$" "testqueue"
I think I must have messed up my earlier test.
Now, if I need to allow the guest user to have both read and publish
permission to "testqueue", what must I do?
I tried the following but it doesn't work and I get a processing error:
rabbitmqctl set_permissions guest ".*" "testqueue" "testqueue"
=ERROR REPORT==== 23-Feb-2014::00:27:06 ===
connection <0.545.0>, channel 1 - soft error:
{amqp_error,access_refused,
"access to exchange 'amq.default' in vhost '/' refused for user
'guest'",
'basic.publish'}
Then I tried:
rabbitmqctl set_permissions guest ".*" "amq.default" "testqueue"
This time it worked but it also means the guest user can publish to all
queues! Is there a way to restrict publishing to a specific queue?
--
View this message in context: http://rabbitmq.1065348.n5.nabble.com/How-to-grant-only-read-access-to-a-specific-STOMP-queue-tp33549p33573.html
Sent from the RabbitMQ mailing list archive at Nabble.com.
More information about the rabbitmq-discuss
mailing list