Hi,
I haven't done any work playing with authentication, so I'm curious - Is
it possible to set authentication to only authenticate consumers so
producers can connect in without needing authentication?
Also is there a good tutorial for getting started with authentication -
preferable something that starts with the basics to help a total
authentication noob get something up and running quickly.
My personal view was that I wanted to run our system in a "trust and
verify" model where we'd audit connections, but some folks in my
organisation are getting a bit twitchy about that, so I want to keep my
options open. It's unfortunate as my system is sitting behind a firewall
on a trusted network and I wanted to have a model that maximises
business agility by allowing consumers to quickly subscribe to the data
they need when they need it and do cool stuff with it.
One of my biggest concerns about going down an authentication path is
the administrative overhead of setting up and managing
usernames/passwords. How do I do it so that it's not burdonsome to allow
a new connection - especially if someone needs one in a hurry "out of
hours". I guess the simple answer might be to have a single
qpid-subscriber "account", but surely one account/password is little
better than no authentication at all as anyone who knows this could
easily set up another consumer client and subscribe to different data.
MTIA
Frase
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:users-subscribe@qpid.apache.org
|