[rabbitmq-discuss] Web-STOMP plugin - Authentication with SSL Client Certificates
mklishin at gopivotal.com
Thu Jun 19 08:30:42 BST 2014
On 18 June 2014 at 19:51:57, Andrei (andrei002 at gmail.com) wrote:
> > 1. Is there any possibility for this feature to be implemented
> in one of the next releases, in order for Web-STOMP to be fully
> compatible with STOMP plugin?
> 2. In case it is too complex to implement due to lack of client SSL
> authentication mechanisms in Cowboy, could it be implemented
> in the following way, as a workaround?
It's possible to add SSL certificate authentication to Web STOMP
but it may involve upgrading Cowboy and SockJS first => not a trivial amount of work.
The workaround you suggest may work but
* It will be hard to justify supporting such a homegrown authentication scheme
* It may also run into limitations in SockJS
So I'd recommend combining HTTPS connection with credentials obtained from an HTTPS
endpoint in your JS application. This is not great but largely is the state of
the art in Web messaging authentication. Fairly big Web players recommend something
very similar .
Software Engineer, Pivotal/RabbitMQ
More information about the rabbitmq-discuss