[rabbitmq-discuss] custom exchange checking auth user
matthias at rabbitmq.com
Thu Jun 26 18:00:09 BST 2014
On 23/06/14 09:37, Dmitry Andrianov wrote:
> we actually using that thing already - client sets the user ID property
> and server rejects a message if it does not match the actual auth user.
> However, I did read it as that setUserId call being optional - it is up
> to the client to set it. And if client does not set it, no validation is
> So how do I prevent messages without an user id from being accepted?
You can't, though your consuming applications could drop such messages.
> If I need a custom exchange type or exchange decorator - it does not
> really makes life much easier.
It would be quite straightforward to write an exchange type or decorator
that drops messages which do not have the user-id header. Or rejects
them with some amqp error.
That may not be the ideal solution but can be done now, without
requiring any changes to rabbit's APIs.
More information about the rabbitmq-discuss