For security reasons, I want to configure separate user accounts with specific permissions to isolates queues in RabbitMQ. As users need to be a dynamic (adding new, removing deactivated…) I would like to achieve this with Java Spring AMQP.
Creating queues, exchanges and bindings is possible with
rabbitMqConfig.getAdmin().declareQueue(queue); rabbitMqConfig.getAdmin().declareExchange(exchange); rabbitMqConfig.getAdmin().declareBinding(binding);
The RabbitMQ Management HTTP API provides also features regarding the user management, as described on https://rawcdn.githack.com/rabbitmq/rabbitmq-server/v3.9.4/deps/rabbitmq_management/priv/www/api/index.html, e.g. with
/api/users/name /api/users/user/permissions
So I would assume Spring to provide a method like
rabbitMqConfig.getAdmin().declareUser(user);
but this seems not to be available…
What would be the ideal way to implement this in Java Spring?
Advertisement
Answer
As far as I know, the RabbitAdmin
class does not offer any kind of API for creating/update users at a remote RabbitMQ server.
You can achieve what you want by creating a simple REST client that will interact with the API that allows for those actions. You can find an example of this here.
However, I would think twice before doing something like that, as there are security implications to consider (also a pointer as to why this is not allowed via the Java API).
For example, doing something like that would mean that your application will need to have admin rights to the RabbitMQ server, which is something that should be avoided.