[rabbitmq-discuss] How to grant only read access to a specific STOMP queue?

joshua__lim joshua__lim at hotmail.com
Sat Feb 22 16:35:53 GMT 2014

Michael Klishin-2 wrote
> On 21 Feb 2014, at 07:09, Joshua Lim <

> joshua__lim@

> > wrote:
>> Is there a way to grant a user read permission to only a specific queue? 
>> I would greatly appreciate any pointers.
> From rabbitmqctl help:
> set_permissions [-p 
> <vhostpath>
> ] 
> <user>
> <conf>
> <write>
> <read>
> So, using your example
> rabbitmqctl set_permissions guest ".*” ".*” "testqueue".
> MK

Hi Michael, thanks.  I did a retest again, it appears that I'm able to read
from "testqueue" even if <write> is set to "^$”.

rabbitmqctl set_permissions guest ".*" "^$" "testqueue"

I think I must have messed up my earlier test.

Now, if I need to allow the guest user to have both read and publish
permission to "testqueue", what must I do?

I tried the following but it doesn't work and I get a processing error:

rabbitmqctl set_permissions guest ".*" "testqueue" "testqueue"

=ERROR REPORT==== 23-Feb-2014::00:27:06 ===
connection <0.545.0>, channel 1 - soft error:
            "access to exchange 'amq.default' in vhost '/' refused for user

Then I tried:

rabbitmqctl set_permissions guest ".*" "amq.default" "testqueue"

This time it worked but it also means the guest user can publish to all
queues!  Is there a way to restrict publishing to a specific queue?

View this message in context: http://rabbitmq.1065348.n5.nabble.com/How-to-grant-only-read-access-to-a-specific-STOMP-queue-tp33549p33573.html
Sent from the RabbitMQ mailing list archive at Nabble.com.

More information about the rabbitmq-discuss mailing list