Skip to content
Advertisement

Dynamically configure RabbitMQ users and permissions with Java Spring AMQP

For security reasons, I want to configure separate user accounts with specific permissions to isolates queues in RabbitMQ. As users need to be a dynamic (adding new, removing deactivated…) I would like to achieve this with Java Spring AMQP.

Creating queues, exchanges and bindings is possible with

rabbitMqConfig.getAdmin().declareQueue(queue);
rabbitMqConfig.getAdmin().declareExchange(exchange);
rabbitMqConfig.getAdmin().declareBinding(binding); 

The RabbitMQ Management HTTP API provides also features regarding the user management, as described on https://rawcdn.githack.com/rabbitmq/rabbitmq-server/v3.9.4/deps/rabbitmq_management/priv/www/api/index.html, e.g. with

/api/users/name
/api/users/user/permissions

So I would assume Spring to provide a method like

rabbitMqConfig.getAdmin().declareUser(user); 

but this seems not to be available…

What would be the ideal way to implement this in Java Spring?

Advertisement

Answer

As far as I know, the RabbitAdmin class does not offer any kind of API for creating/update users at a remote RabbitMQ server.

You can achieve what you want by creating a simple REST client that will interact with the API that allows for those actions. You can find an example of this here.

However, I would think twice before doing something like that, as there are security implications to consider (also a pointer as to why this is not allowed via the Java API).

For example, doing something like that would mean that your application will need to have admin rights to the RabbitMQ server, which is something that should be avoided.

User contributions licensed under: CC BY-SA
8 People found this is helpful
Advertisement