Prevent RabbitMQ web-stomp client from sending

Question

I have RabbitMQ + WebStomp. I would like totally restrict ability to send info to queue from JavaScript code. Instead only server side should do this.

In other words I would like allow following code:

...
client.subscribe("/queue/My-One-Way-Queue", function(m) {
...
client.onreceive = function(message) {
    console.log(message);
}

And prevent malicious software to do following:

client.send('/queue/My-One-Way-Queue', 
    {'reply-to': '/temp-queue/My-One-Way-Queue'}, text);

score 0 · Accepted Answer · answered Oct 06 '14 at 11:13

0

You need to create a user for the JavaScript client that has read permissions only. See: https://www.rabbitmq.com/access-control.html

answered Oct 06 '14 at 11:13

old_sound

2,243
1
13
16

Prevent RabbitMQ web-stomp client from sending

1 Answers1