RabbitMQ tries to solve problems, which we covered in the previous chapters, with the help of its mechanisms and plugins. Access Control simply specifies the permissions of the user within the virtual host. Each user has a different permission for each virtual host, for instance, a user a has Read permission on the virtual host TestVH.
We can manage access control using the rabbitmqctl command-line tool. The Rabbitmqctl tool gives us an opportunity to list all of the permissions of the user, as shown in the following command line:
vagrant@precise32:~$ sudo rabbitmqctl list_user_permissions guest Listing permissions for user "guest" ... /.* .*.* ...done.
Moreover, we have another chance to list permissions of the provided virtual host, as shown in the following command line:
vagrant@precise32:~$ sudo rabbitmqctl list_permissions -p / Listing permissions in vhost "/" ... guest.*.*.* monit.*.*.* monitor.*.*.* ...done.
Furthermore, we can delete all of the permissions of the user within a provided virtual host. The following command line shows the clearing permissions of the user jack within the root virtual host:
vagrant@precise32:~$ sudo rabbitmqctl clear_permissions -p / jack Clearing permissions for user "jack" in vhost "/" ... ...done.
Finally, we need to set new permissions for the user within the provided virtual host. As you can see in the following command line, we can set new permissions to the user jack within the root virtual host:
vagrant@precise32:~$ sudo rabbitmqctl set_permissions -p / jack ".*" ".*" ".*" Setting permissions for user "jack" in vhost "/" ... ...done.
Rabbitmqctl is a great tool for managing the RabbitMQ server and it is enough for us to manage access control. Additionally, some administrators would like to use graphical interfaces for administrating the RabbitMQ server. We have another use of RabbitMQ's management plugin to list each user's permission and change their permissions for the provided Virtual Host, as shown in the following image:
Figure:8.1: Access control of user
As a result, we should limit the user's activities within the provided virtual host. Next, we move on to access control, which manages the user permissions for the provided virtual host.