Rabbit MQ 后端 http 授权不起作用

Rabbit MQ backend http authorisation not working

我已配置 rabbitmq-auth-backend-http,我的 rabbitmq.config 如下所示

[
  {rabbit, [{auth_backends, [rabbit_auth_backend_http, rabbit_auth_backend_internal]}]},
  {rabbitmq_auth_backend_http,
   [{http_method,   get},
    {user_path,     "http://localhost:8080/auth/user"},
    {vhost_path,    "http://localhost:8080/auth/vhost"},
    {resource_path, "http://localhost:8080/auth/resource"},
    {topic_path,    "http://localhost:8080/auth/topic"}]}
].

授权端点 http://localhost:8080/auth 已启动并且 运行。

但是当我尝试登录时 http://localhost:15672/api/whoami api 失败,状态代码为 500。

rabbitmq 内部数据库的身份验证工作正常。唯一的问题是在 auth_backends 中添加 rabbit_auth_backend_http 不起作用。它甚至没有达到授权端点。我检查了 var/rabbitmq/rabbit@localhost.log 中的日志, 但没有帮助。我在这里发布日志

=ERROR REPORT==== 18-Aug-2017::21:55:46 === Ranch listener rabbit_web_dispatch_sup_15672 had connection process started with cowboy_protocol:start_link/4 at <0.574.0> exit with reason: {[{reason,undef},{mfa,{rabbit_mgmt_wm_whoami,is_authorized,2}},{stacktrace,[{rabbit_auth_backend_http,user_login_authentication,[<<"test">>,[{password,<<"test">>}]],[]},{rabbit_access_control,try_authenticate,3,[{file,"src/rabbit_access_control.erl"},{line,88}]},{rabbit_access_control,'-check_user_login/2-fun-0-',4,[{file,"src/rabbit_access_control.erl"},{line,74}]},{lists,foldl,3,[{file,"lists.erl"},{line,1263}]},{rabbit_mgmt_util,is_authorized,6,[{file,"src/rabbit_mgmt_util.erl"},{line,149}]},{cowboy_rest,call,3,[{file,"src/cowboy_rest.erl"},{line,976}]},{cowboy_rest,is_authorized,2,[{file,"src/cowboy_rest.erl"},{line,150}]},{cowboy_protocol,execute,4,[{file,"src/cowboy_protocol.erl"},{line,442}]}]},{req,[{socket,#Port<0.26006>},{transport,ranch_tcp},{connection,keepalive},{pid,<0.574.0>},{method,<<"GET">>},{version,'HTTP/1.1'},{peer,{{127,0,0,1},51220}},{host,<<"localhost">>},{host_info,undefined},{port,15672},{path,<<"/api/whoami">>},{path_info,undefined},{qs,<<>>},{qs_vals,[]},{bindings,[]},{headers,[{<<"host">>,<<"localhost:15672">>},{<<"connection">>,<<"keep-alive">>},{<<"authorization">>,<<"Basic dGVzdDp0ZXN0">>},{<<"user-agent">>,<<"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36">>},{<<"content-type">>,<<"application/json">>},{<<"accept">>,<<"/">>},{<<"referer">>,<<"http://localhost:15672/">>},{<<"accept-encoding">>,<<"gzip, deflate, br">>},{<<"accept-language">>,<<"en-US,en;q=0.8">>},[{<<"connection">>,[<<"keep-alive">>]}]},{cookies,undefined},{meta,[]},{body_state,waiting},{buffer,<<>>},{multipart,undefined},{resp_compress,true},{resp_state,waiting},{resp_headers,[{<<"vary">>,<<"origin">>}]},{resp_body,<<>>},{onresponse,#Fun}]},{state,{context,undefined,none,undefined}}],[{cowboy_rest,error_terminate,5,[{file,"src/cowboy_rest.erl"},{line,1009}]},{cowboy_rest,is_authorized,2,[{file,"src/cowboy_rest.erl"},{line,150}]},{cowboy_protocol,execute,4,[{file,"src/cowboy_protocol.erl"},{line,442}]}]}

我做错了什么?

感谢您的帮助。

rabbitmq-user google 组发布这个问题后,我得到了解决方案。您需要手动安装 rabbitmq-auth-backend-http。 在 rabbitmq.config 文件中添加配置不会安装它。

这里是 link 更多 detailed answer

关于 rabbitmq-auth-backend-http 插件的另一个重要的事情是你必须在 rabbitmq.config 文件。如果错过任何端点,rabbitmq 将采用以下 default values 进行授权。

{user_path,     "http://localhost:8000/auth/user"},
{vhost_path,    "http://localhost:8000/auth/vhost"},
{resource_path, "http://localhost:8000/auth/resource"},
{topic_path,    "http://localhost:8000/auth/topic"}