After a client is successfully authenticated by the message broker, it needs to perform some activities in some virtual hosts. In the earlier chapters, we saw that permissions are defined per vhost and live either internally in the message broker or externally. The RabbitMQ LDAP backend plugin that we saw earlier provides you with an ability to store permissions in an LDAP server. The following types of permissions are configured in the message broker:
- configure: This allows a resource to be created, modified, or deleted
- write: This allows a resource to be written to
- read: This allows a resource to be read from
We already discussed how to manage permissions using the
rabbitmqctl utility and the HTTP API. The following commands can be ...