root
/
rabbitmq-server
mirror of https://github.com/rabbitmq/rabbitmq-server.git
1
0
Fork 0
Code Issues Actions 1 Packages Projects Releases Wiki Activity

README updates

This commit is contained in:
Michael Klishin 2016-03-23 11:25:30 +03:00
parent ba6238fb3a
commit 29cf214bbc
1 changed files with 18 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

50
deps/rabbitmq_auth_backend_http/README.md vendored
View File

@ -5,72 +5,58 @@ authentication (determining who can log in) and authorisation
(determining what permissions they have) by making requests to an HTTP
server.
As with all authentication plugins, this one requires rabbitmq-server
As with all [authentication plugins](http://rabbitmq.com/access-control.html), this one requires RabbitMQ server
2.3.1 or later.
Note: it's at an early stage of development, although it's
conceptually very simple.
# Downloading
## Downloading
You can download a pre-built binary of this plugin from
http://www.rabbitmq.com/community-plugins.html.
the [Community Plugins page](http://www.rabbitmq.com/community-plugins.html).
# Building
## Building
You can build and install it like any other plugin (see
[the plugin development guide](http://www.rabbitmq.com/plugin-development.html)).
This plugin depends on the Erlang client (just to grab a URI parser).
# Enabling the plugin
## Enabling the plugin
To enable the plugin, set the value of the `auth_backends` configuration item
for the `rabbit` application to include `rabbit_auth_backend_http`.
`auth_backends` is a list of authentication providers to try in order.
So a configuration fragment that enables this plugin *only* would look like:
See the [Access Control guide](http://rabbitmq.com/access-control.html) for more information.
For `rabbitmq.conf`:
To use this backend exclusively, use the following snippet in `rabbitmq.conf` (currently
in master)
auth_backends.1 = http
For `rabbitmq.config` (prior to 3.7.0) or `advanced.config`:
Or, in the classic config format (`rabbitmq.config`, prior to 3.7.0) or `advanced.config`:
[{rabbit, [{auth_backends, [rabbit_auth_backend_http]}]}].
to use only HTTP, or:
For `rabbitmq.conf`:
auth_backends.1 = http
auth_backends.2 = internal
For `rabbitmq.config` (prior to 3.7.0) or `advanced.config`:
[{rabbit,
[{auth_backends, [rabbit_auth_backend_http, rabbit_auth_backend_internal]}]
}].
to try the HTTP plugin first and then fall back to the internal database.
See http://www.rabbitmq.com/configure.html#configuration-file for more detail
See [RabbitMQ Configuration guide](http://www.rabbitmq.com/configure.html) for more detail
on `auth_backends`.
# Configuring the plugin
## Configuring the Plugin
You need to configure the plugin to know which URIs to point at.
A minimal configuration file might look like:
Below is a minimal configuration file example.
For `rabbitmq.conf`:
In `rabbitmq.conf` (currently RabbitMQ master):
auth_backends.1 = http
http.user_path = http://some-server/auth/user
http.vhost_path = http://some-server/auth/vhost
http.resource_path = http://some-server/auth/resource
For `rabbitmq.config` (prior to 3.7.0) or `advanced.config`:
In the classic config format (`rabbitmq.config` prior to 3.7.0 or `advanced.config`):
[
{rabbit, [{auth_backends, [rabbit_auth_backend_http]}]},
@ -80,7 +66,7 @@ For `rabbitmq.config` (prior to 3.7.0) or `advanced.config`:
{resource_path, "http://some-server/auth/resource"}]}
].
# What must my web server do?
# What Must My Web Server Do?
This plugin requires that your web server respond to requests in a
certain predefined format. It will make GET requests against the URIs
@ -105,7 +91,7 @@ Note that you cannot create arbitrary virtual hosts using this plugin; you can o
* `vhost` - the name of the virtual host containing the resource
* `resource` - the type of resource (`exchange`, `queue`)
* `name` - the name of the resource
* `permission` - the access level to the resource (`configure`, `write`, `read`) - see [the admin guide](http://www.rabbitmq.com/access-control.html) for their meaning
* `permission` - the access level to the resource (`configure`, `write`, `read`) - see [the Access Control guide](http://www.rabbitmq.com/access-control.html) for their meaning
Your web server should always return HTTP 200 OK, with a body
containing:
@ -114,13 +100,13 @@ containing:
* `allow` - allow access to the user / vhost / resource
* `allow [list of tags]` - (for `user_path` only) - allow access, and mark the user as an having the tags listed
# Debugging
## Debugging
Check the RabbitMQ logs if things don't seem to be working
properly. Look for log messages containing "rabbit_auth_backend_http
failed".
# Example
## Example App (in Python)
In `examples/rabbitmq_auth_backend_django` there's a very simple
Django app that can be used for authentication. On Debian / Ubuntu you