qpid-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Fraser Adams <fraser.ad...@blueyonder.co.uk>
Subject Is it possible to set authentication to only authenticate consumers?
Date Mon, 03 Oct 2011 17:42:01 GMT
I haven't done any work playing with authentication, so I'm curious - Is 
it possible to set authentication to only authenticate consumers so 
producers can connect in without needing authentication?

Also is there a good tutorial for getting started with authentication - 
preferable something that starts with the basics to help a total 
authentication noob get something up and running quickly.

My personal view was that I wanted to run our system in a "trust and 
verify" model where we'd audit connections, but some folks in my 
organisation are getting a bit twitchy about that, so I want to keep my 
options open. It's unfortunate as my system is sitting behind a firewall 
on a trusted network and I wanted to have a model that maximises 
business agility by allowing consumers to quickly subscribe to the data 
they need when they need it and do cool stuff with it.

One of my biggest concerns about going down an authentication path is 
the administrative overhead of setting up and managing 
usernames/passwords. How do I do it so that it's not burdonsome to allow 
a new connection - especially if someone needs one in a hurry "out of 
hours". I guess the simple answer might be to have a single 
qpid-subscriber "account", but surely one account/password is little 
better than no authentication at all as anyone who knows this could 
easily set up another consumer client and subscribe to different data.


Apache Qpid - AMQP Messaging Implementation
Project:      http://qpid.apache.org
Use/Interact: mailto:users-subscribe@qpid.apache.org

View raw message