Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

RabbitMQ authentication without password

Tags:

java

rabbitmq

amqp

Because I don't need to consider security issues in my application, I want to connect to RabbitMQ using the Java client without a password.

In the management UI, I set the users password to "no password". Then I tried it this way:

ConnectionFactory factory = new ConnectionFactory();
factory.setHost("localhost");
factory.setUsername("myuser");
connection = factory.newConnection();

Alternatively, I tried to assemble the URI by hand:

factory.setUri("amqp://myuser@localhost:5672");

...but in both cases the authentication fails with this exception:

Exception in thread "main" com.rabbitmq.client.AuthenticationFailureException: ACCESS_REFUSED - Login was refused using authentication mechanism PLAIN. For details see the broker logfile.
    at com.rabbitmq.client.impl.AMQConnection.start(AMQConnection.java:339)
    at com.rabbitmq.client.ConnectionFactory.newConnection(ConnectionFactory.java:716)
    at com.rabbitmq.client.ConnectionFactory.newConnection(ConnectionFactory.java:760)
    at de.bmw.rabbitmq.workerqueue.Producer2.main(Producer2.java:51)

Is it even possible to get a connection without a password?

like image 637
andi0815 Avatar asked Sep 21 '25 00:09

andi0815

2 Answers

Because I don't need to consider security issues in my application

I would heavily question this assumption. In fact, I would go so far as to say this is never correct.

That being said:

just use a simple password that anyone can know. It's going to be easier to do that, than to try and make RMQ work without a password.

like image 167
Derick Bailey Avatar answered Sep 22 '25 13:09

Derick Bailey

Passwordless authentication can be achieved by using the rabbitmq-auth-mechanism-ssl as documented here: https://github.com/rabbitmq/rabbitmq-auth-mechanism-ssl. This requires that SSL/TLS support is set up and working. If this option is chosen, a trusted root certificate is used for authentication, and any username/password is ignored altogether.

I'm currently investigating whether passwordless authentication is possible in conjunction with LDAP, but I haven't had any luck getting this to work.

Edit: In my environment, Windows services are authenticating using certificate-based auth, and the RabbitMQ cluster admins can authenticate to the management web UI using LDAP. In case you're interested in LDAP auth, here's another post about it.

like image 30
Andy Avatar answered Sep 22 '25 14:09

Andy
Sign in to Comment

Related questions

Java POI FormulaEvaluator giving unexpected floating point value

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!