Rabbit MQ 后端 http 授权不起作用
Rabbit MQ backend http authorisation not working
我已配置 rabbitmq-auth-backend-http
,我的 rabbitmq.config
如下所示
[
{rabbit, [{auth_backends, [rabbit_auth_backend_http, rabbit_auth_backend_internal]}]},
{rabbitmq_auth_backend_http,
[{http_method, get},
{user_path, "http://localhost:8080/auth/user"},
{vhost_path, "http://localhost:8080/auth/vhost"},
{resource_path, "http://localhost:8080/auth/resource"},
{topic_path, "http://localhost:8080/auth/topic"}]}
].
授权端点 http://localhost:8080/auth
已启动并且 运行。
但是当我尝试登录时 http://localhost:15672/api/whoami
api 失败,状态代码为 500。
rabbitmq 内部数据库的身份验证工作正常。唯一的问题是在 auth_backends
中添加 rabbit_auth_backend_http
不起作用。它甚至没有达到授权端点。我检查了 var/rabbitmq/rabbit@localhost.log
中的日志,
但没有帮助。我在这里发布日志
=ERROR REPORT==== 18-Aug-2017::21:55:46 ===
Ranch listener rabbit_web_dispatch_sup_15672 had connection process started with cowboy_protocol:start_link/4 at <0.574.0> exit with reason: {[{reason,undef},{mfa,{rabbit_mgmt_wm_whoami,is_authorized,2}},{stacktrace,[{rabbit_auth_backend_http,user_login_authentication,[<<"test">>,[{password,<<"test">>}]],[]},{rabbit_access_control,try_authenticate,3,[{file,"src/rabbit_access_control.erl"},{line,88}]},{rabbit_access_control,'-check_user_login/2-fun-0-',4,[{file,"src/rabbit_access_control.erl"},{line,74}]},{lists,foldl,3,[{file,"lists.erl"},{line,1263}]},{rabbit_mgmt_util,is_authorized,6,[{file,"src/rabbit_mgmt_util.erl"},{line,149}]},{cowboy_rest,call,3,[{file,"src/cowboy_rest.erl"},{line,976}]},{cowboy_rest,is_authorized,2,[{file,"src/cowboy_rest.erl"},{line,150}]},{cowboy_protocol,execute,4,[{file,"src/cowboy_protocol.erl"},{line,442}]}]},{req,[{socket,#Port<0.26006>},{transport,ranch_tcp},{connection,keepalive},{pid,<0.574.0>},{method,<<"GET">>},{version,'HTTP/1.1'},{peer,{{127,0,0,1},51220}},{host,<<"localhost">>},{host_info,undefined},{port,15672},{path,<<"/api/whoami">>},{path_info,undefined},{qs,<<>>},{qs_vals,[]},{bindings,[]},{headers,[{<<"host">>,<<"localhost:15672">>},{<<"connection">>,<<"keep-alive">>},{<<"authorization">>,<<"Basic dGVzdDp0ZXN0">>},{<<"user-agent">>,<<"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36">>},{<<"content-type">>,<<"application/json">>},{<<"accept">>,<<"/">>},{<<"referer">>,<<"http://localhost:15672/">>},{<<"accept-encoding">>,<<"gzip, deflate, br">>},{<<"accept-language">>,<<"en-US,en;q=0.8">>},[{<<"connection">>,[<<"keep-alive">>]}]},{cookies,undefined},{meta,[]},{body_state,waiting},{buffer,<<>>},{multipart,undefined},{resp_compress,true},{resp_state,waiting},{resp_headers,[{<<"vary">>,<<"origin">>}]},{resp_body,<<>>},{onresponse,#Fun}]},{state,{context,undefined,none,undefined}}],[{cowboy_rest,error_terminate,5,[{file,"src/cowboy_rest.erl"},{line,1009}]},{cowboy_rest,is_authorized,2,[{file,"src/cowboy_rest.erl"},{line,150}]},{cowboy_protocol,execute,4,[{file,"src/cowboy_protocol.erl"},{line,442}]}]}
我做错了什么?
感谢您的帮助。
在 rabbitmq-user
google 组发布这个问题后,我得到了解决方案。您需要手动安装 rabbitmq-auth-backend-http
。
在 rabbitmq.config
文件中添加配置不会安装它。
这里是 link 更多 detailed answer。
关于 rabbitmq-auth-backend-http
插件的另一个重要的事情是你必须在 rabbitmq.config
文件。如果错过任何端点,rabbitmq 将采用以下 default values 进行授权。
{user_path, "http://localhost:8000/auth/user"},
{vhost_path, "http://localhost:8000/auth/vhost"},
{resource_path, "http://localhost:8000/auth/resource"},
{topic_path, "http://localhost:8000/auth/topic"}
我已配置 rabbitmq-auth-backend-http
,我的 rabbitmq.config
如下所示
[
{rabbit, [{auth_backends, [rabbit_auth_backend_http, rabbit_auth_backend_internal]}]},
{rabbitmq_auth_backend_http,
[{http_method, get},
{user_path, "http://localhost:8080/auth/user"},
{vhost_path, "http://localhost:8080/auth/vhost"},
{resource_path, "http://localhost:8080/auth/resource"},
{topic_path, "http://localhost:8080/auth/topic"}]}
].
授权端点 http://localhost:8080/auth
已启动并且 运行。
但是当我尝试登录时 http://localhost:15672/api/whoami
api 失败,状态代码为 500。
rabbitmq 内部数据库的身份验证工作正常。唯一的问题是在 auth_backends
中添加 rabbit_auth_backend_http
不起作用。它甚至没有达到授权端点。我检查了 var/rabbitmq/rabbit@localhost.log
中的日志,
但没有帮助。我在这里发布日志
=ERROR REPORT==== 18-Aug-2017::21:55:46 === Ranch listener rabbit_web_dispatch_sup_15672 had connection process started with cowboy_protocol:start_link/4 at <0.574.0> exit with reason: {[{reason,undef},{mfa,{rabbit_mgmt_wm_whoami,is_authorized,2}},{stacktrace,[{rabbit_auth_backend_http,user_login_authentication,[<<"test">>,[{password,<<"test">>}]],[]},{rabbit_access_control,try_authenticate,3,[{file,"src/rabbit_access_control.erl"},{line,88}]},{rabbit_access_control,'-check_user_login/2-fun-0-',4,[{file,"src/rabbit_access_control.erl"},{line,74}]},{lists,foldl,3,[{file,"lists.erl"},{line,1263}]},{rabbit_mgmt_util,is_authorized,6,[{file,"src/rabbit_mgmt_util.erl"},{line,149}]},{cowboy_rest,call,3,[{file,"src/cowboy_rest.erl"},{line,976}]},{cowboy_rest,is_authorized,2,[{file,"src/cowboy_rest.erl"},{line,150}]},{cowboy_protocol,execute,4,[{file,"src/cowboy_protocol.erl"},{line,442}]}]},{req,[{socket,#Port<0.26006>},{transport,ranch_tcp},{connection,keepalive},{pid,<0.574.0>},{method,<<"GET">>},{version,'HTTP/1.1'},{peer,{{127,0,0,1},51220}},{host,<<"localhost">>},{host_info,undefined},{port,15672},{path,<<"/api/whoami">>},{path_info,undefined},{qs,<<>>},{qs_vals,[]},{bindings,[]},{headers,[{<<"host">>,<<"localhost:15672">>},{<<"connection">>,<<"keep-alive">>},{<<"authorization">>,<<"Basic dGVzdDp0ZXN0">>},{<<"user-agent">>,<<"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36">>},{<<"content-type">>,<<"application/json">>},{<<"accept">>,<<"/">>},{<<"referer">>,<<"http://localhost:15672/">>},{<<"accept-encoding">>,<<"gzip, deflate, br">>},{<<"accept-language">>,<<"en-US,en;q=0.8">>},[{<<"connection">>,[<<"keep-alive">>]}]},{cookies,undefined},{meta,[]},{body_state,waiting},{buffer,<<>>},{multipart,undefined},{resp_compress,true},{resp_state,waiting},{resp_headers,[{<<"vary">>,<<"origin">>}]},{resp_body,<<>>},{onresponse,#Fun}]},{state,{context,undefined,none,undefined}}],[{cowboy_rest,error_terminate,5,[{file,"src/cowboy_rest.erl"},{line,1009}]},{cowboy_rest,is_authorized,2,[{file,"src/cowboy_rest.erl"},{line,150}]},{cowboy_protocol,execute,4,[{file,"src/cowboy_protocol.erl"},{line,442}]}]}
我做错了什么?
感谢您的帮助。
在 rabbitmq-user
google 组发布这个问题后,我得到了解决方案。您需要手动安装 rabbitmq-auth-backend-http
。
在 rabbitmq.config
文件中添加配置不会安装它。
这里是 link 更多 detailed answer。
关于 rabbitmq-auth-backend-http
插件的另一个重要的事情是你必须在 rabbitmq.config
文件。如果错过任何端点,rabbitmq 将采用以下 default values 进行授权。
{user_path, "http://localhost:8000/auth/user"},
{vhost_path, "http://localhost:8000/auth/vhost"},
{resource_path, "http://localhost:8000/auth/resource"},
{topic_path, "http://localhost:8000/auth/topic"}