root
/
rabbitmq-server
mirror of https://github.com/rabbitmq/rabbitmq-server.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

README updates

This commit is contained in:
Michael Klishin 2016-03-23 11:25:30 +03:00
parent ba6238fb3a
commit 29cf214bbc
1 changed files with 18 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

50
deps/rabbitmq_auth_backend_http/README.md vendored
View File

@ -5,72 +5,58 @@ authentication (determining who can log in) and authorisation
(determining what permissions they have) by making requests to an HTTP (determining what permissions they have) by making requests to an HTTP
server. server.
As with all authentication plugins, this one requires rabbitmq-server As with all [authentication plugins](http://rabbitmq.com/access-control.html), this one requires RabbitMQ server
2.3.1 or later. 2.3.1 or later.
Note: it's at an early stage of development, although it's Note: it's at an early stage of development, although it's
conceptually very simple. conceptually very simple.
# Downloading ## Downloading
You can download a pre-built binary of this plugin from You can download a pre-built binary of this plugin from
http://www.rabbitmq.com/community-plugins.html. the [Community Plugins page](http://www.rabbitmq.com/community-plugins.html).
# Building ## Building
You can build and install it like any other plugin (see You can build and install it like any other plugin (see
[the plugin development guide](http://www.rabbitmq.com/plugin-development.html)). [the plugin development guide](http://www.rabbitmq.com/plugin-development.html)).
This plugin depends on the Erlang client (just to grab a URI parser). This plugin depends on the Erlang client (just to grab a URI parser).
# Enabling the plugin ## Enabling the plugin
To enable the plugin, set the value of the `auth_backends` configuration item To enable the plugin, set the value of the `auth_backends` configuration item
for the `rabbit` application to include `rabbit_auth_backend_http`. for the `rabbit` application to include `rabbit_auth_backend_http`.
`auth_backends` is a list of authentication providers to try in order. `auth_backends` is a list of authentication providers to try in order.
So a configuration fragment that enables this plugin *only* would look like: See the [Access Control guide](http://rabbitmq.com/access-control.html) for more information.
For `rabbitmq.conf`: To use this backend exclusively, use the following snippet in `rabbitmq.conf` (currently
in master)
auth_backends.1 = http auth_backends.1 = http
For `rabbitmq.config` (prior to 3.7.0) or `advanced.config`: Or, in the classic config format (`rabbitmq.config`, prior to 3.7.0) or `advanced.config`:
[{rabbit, [{auth_backends, [rabbit_auth_backend_http]}]}]. [{rabbit, [{auth_backends, [rabbit_auth_backend_http]}]}].
to use only HTTP, or: See [RabbitMQ Configuration guide](http://www.rabbitmq.com/configure.html) for more detail
For `rabbitmq.conf`:
auth_backends.1 = http
auth_backends.2 = internal
For `rabbitmq.config` (prior to 3.7.0) or `advanced.config`:
[{rabbit,
[{auth_backends, [rabbit_auth_backend_http, rabbit_auth_backend_internal]}]
}].
to try the HTTP plugin first and then fall back to the internal database.
See http://www.rabbitmq.com/configure.html#configuration-file for more detail
on `auth_backends`. on `auth_backends`.
# Configuring the plugin ## Configuring the Plugin
You need to configure the plugin to know which URIs to point at. You need to configure the plugin to know which URIs to point at.
A minimal configuration file might look like: Below is a minimal configuration file example.
For `rabbitmq.conf`: In `rabbitmq.conf` (currently RabbitMQ master):
auth_backends.1 = http auth_backends.1 = http
http.user_path = http://some-server/auth/user http.user_path = http://some-server/auth/user
http.vhost_path = http://some-server/auth/vhost http.vhost_path = http://some-server/auth/vhost
http.resource_path = http://some-server/auth/resource http.resource_path = http://some-server/auth/resource
For `rabbitmq.config` (prior to 3.7.0) or `advanced.config`: In the classic config format (`rabbitmq.config` prior to 3.7.0 or `advanced.config`):
[ [
{rabbit, [{auth_backends, [rabbit_auth_backend_http]}]}, {rabbit, [{auth_backends, [rabbit_auth_backend_http]}]},
@ -80,7 +66,7 @@ For `rabbitmq.config` (prior to 3.7.0) or `advanced.config`:
{resource_path, "http://some-server/auth/resource"}]} {resource_path, "http://some-server/auth/resource"}]}
]. ].
# What must my web server do? # What Must My Web Server Do?
This plugin requires that your web server respond to requests in a This plugin requires that your web server respond to requests in a
certain predefined format. It will make GET requests against the URIs certain predefined format. It will make GET requests against the URIs
@ -105,7 +91,7 @@ Note that you cannot create arbitrary virtual hosts using this plugin; you can o
* `vhost` - the name of the virtual host containing the resource * `vhost` - the name of the virtual host containing the resource
* `resource` - the type of resource (`exchange`, `queue`) * `resource` - the type of resource (`exchange`, `queue`)
* `name` - the name of the resource * `name` - the name of the resource
* `permission` - the access level to the resource (`configure`, `write`, `read`) - see [the admin guide](http://www.rabbitmq.com/access-control.html) for their meaning * `permission` - the access level to the resource (`configure`, `write`, `read`) - see [the Access Control guide](http://www.rabbitmq.com/access-control.html) for their meaning
Your web server should always return HTTP 200 OK, with a body Your web server should always return HTTP 200 OK, with a body
containing: containing:
@ -114,13 +100,13 @@ containing:
* `allow` - allow access to the user / vhost / resource * `allow` - allow access to the user / vhost / resource
* `allow [list of tags]` - (for `user_path` only) - allow access, and mark the user as an having the tags listed * `allow [list of tags]` - (for `user_path` only) - allow access, and mark the user as an having the tags listed
# Debugging ## Debugging
Check the RabbitMQ logs if things don't seem to be working Check the RabbitMQ logs if things don't seem to be working
properly. Look for log messages containing "rabbit_auth_backend_http properly. Look for log messages containing "rabbit_auth_backend_http
failed". failed".
# Example ## Example App (in Python)
In `examples/rabbitmq_auth_backend_django` there's a very simple In `examples/rabbitmq_auth_backend_django` there's a very simple
Django app that can be used for authentication. On Debian / Ubuntu you Django app that can be used for authentication. On Debian / Ubuntu you