rabbitMQ allows setting system-wide tunable parameters and setting them via configuration files. Typically, in the rabbitmq/rabbitmq.config file.
However, I did not find this file in 3.6.9, so I still need to find and learn later
Manage users
Add user: ./rabbitmqctl add_user cashing-tier cashMel
cashing-tier is the username and cashMel is the password
输出:Creating user "cashing-tier"...done.
Delete user: ./rabbitmqctl dlete_user cashing-tier
输出:Deleting user "cashing-tier"...done.
View users: rabbitmqctl list_users
Output: Listing users...
cashing-tier
guest
...done
Change password: ./rabbitmqctl change_password cashing-tier comp13xPassword
输出:Changing password for user "cashing-tier"...
....done
Rabbit's permission system
Suppose you have sycamore's vhost and want to give the cashing-tier full access (config, write and read). At this time, the set_permissions of rabbitmqctl is required to complete:
./rabbitmqctl set_permissions -p sycamore\cashing-tier ".*"".*"".*"
-p sycamore---- tells which vhost the set_permissions entry should be applied to
cashing-tier------users who have been granted permissions
".*"".*"".*"------Authorized permissions. They are mapped to configuration, write and read respectively.
Here is the regular expression, using ".*" to refer to all permissions (config, and write and read). Think of it as matching any queue or exchange name.
If you grant permissions on the oak vhost for the cashing-tier, you want to allow the user to perform read operations on any queue or exchange, while restricting it to only allow writes to queues and exchanges whose names begin with checks-. At the same time, you want to completely block configuration operations. For this purpose, three regular expressions need to be designed:
".*" - matches any queue and exchange
"checks-.*"------match only queues and exchanges whose names start with "checks-"
"" does not match queues and exchanges (this is how the specified permission is denied to the user)
Putting it all together, execute like this:
./rabbitmqctl set_permissions -p oak\-s all cashing-tier "" "checks-.*" ".*"
You can use the list_permissions command to verify that the permissions are correctly assigned to the oak vhost
./rabbitmqctl list_permissions -p oak
Listing permissions in vhost "oak"...
cashing-tier checks.* .* all
Remove permissions:
./rabbitmqctl clear_permissions -p oak cashing-tier
If you want to view the user's permissions on all vhosts on rabbitMQ, then use list_user_permissions:
./rabbitmqctl list_user_permissions cashing-tier
Listing permissions for user "cashing-tier"...
oak checks-.* .* all
sycamore .* .* .* all
...done.