[rabbitmq-discuss] Client certificate based authentication over SSL

• Previous message: [rabbitmq-discuss] Client certificate based authentication over SSL
• Next message: [rabbitmq-discuss] Client certificate based authentication over SSL
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 27/03/2014 14:56, Vinay Nayak wrote:
>      {exit,as_user_no_password,'connection.start_ok',

So I think this ("as_user_no_password") is the least clear error message 
I have ever perpetrated. It's getting made clearer in the next release.

What it's trying to say is:

"You have (successfully) authenticated a user without giving a password 
(using client certs instead). However, the 'other_bind' configuration 
item is set to 'as_user' which means that when I want to go to the LDAP 
server for authorisation queries, I should bind to it with the user's 
credentials. But I only know how to do that with the user's password. 
Which I don't have."

It's not made any clearer by the fact that 'as_user' is the default 
value for 'other_bind'.

So you must set 'other_bind' to 'anon' (bind anonymously for authZ 
queries), or {"someuser", "somepassword"} (bind with those creds for authZ).

Cheers, Simon

• Previous message: [rabbitmq-discuss] Client certificate based authentication over SSL
• Next message: [rabbitmq-discuss] Client certificate based authentication over SSL
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]