Authorization

After a client is successfully authenticated by the message broker, it needs to perform some activities in some virtual hosts. In the earlier chapters, we saw that permissions are defined per vhost and live either internally in the message broker or externally. The RabbitMQ LDAP backend plugin that we saw earlier provides you with an ability to store permissions in an LDAP server. The following types of permissions are configured in the message broker:

  • configure: This allows a resource to be created, modified, or deleted
  • write: This allows a resource to be written to
  • read: This allows a resource to be read from

We already discussed how to manage permissions using the rabbitmqctl utility and the HTTP API. The following commands can be ...

Get Learning RabbitMQ now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.