CODEWITHSUNDEEP
javarabbitmqamqp
andi0815
andi0815

Reputation: 130

RabbitMQ authentication without password

Because I don't need to consider security issues in my application, I want to connect to RabbitMQ using the Java client without a password.

In the management UI, I set the users password to "no password". Then I tried it this way:

ConnectionFactory factory = new ConnectionFactory();
factory.setHost("localhost");
factory.setUsername("myuser");
connection = factory.newConnection();

Alternatively, I tried to assemble the URI by hand:

factory.setUri("amqp://myuser@localhost:5672");

...but in both cases the authentication fails with this exception:

Exception in thread "main" com.rabbitmq.client.AuthenticationFailureException: ACCESS_REFUSED - Login was refused using authentication mechanism PLAIN. For details see the broker logfile.
    at com.rabbitmq.client.impl.AMQConnection.start(AMQConnection.java:339)
    at com.rabbitmq.client.ConnectionFactory.newConnection(ConnectionFactory.java:716)
    at com.rabbitmq.client.ConnectionFactory.newConnection(ConnectionFactory.java:760)
    at de.bmw.rabbitmq.workerqueue.Producer2.main(Producer2.java:51)

Is it even possible to get a connection without a password?

Upvotes: 4

Views: 8132

Answers (3)

Andy
Andy

Reputation: 2749

Passwordless authentication can be achieved by using the rabbitmq-auth-mechanism-ssl as documented here: https://github.com/rabbitmq/rabbitmq-auth-mechanism-ssl. This requires that SSL/TLS support is set up and working. If this option is chosen, a trusted root certificate is used for authentication, and any username/password is ignored altogether.

I'm currently investigating whether passwordless authentication is possible in conjunction with LDAP, but I haven't had any luck getting this to work.

Edit: In my environment, Windows services are authenticating using certificate-based auth, and the RabbitMQ cluster admins can authenticate to the management web UI using LDAP. In case you're interested in LDAP auth, here's another post about it.

Upvotes: 3

andi0815
andi0815

Reputation: 130

To finalize this issue. As suggested by Derick Bailey: I helped myself by introducing (default) credentials for the different clients.

Upvotes: 0

Derick Bailey
Derick Bailey

Reputation: 72858

Because I don't need to consider security issues in my application

I would heavily question this assumption. In fact, I would go so far as to say this is never correct.

That being said:

just use a simple password that anyone can know. It's going to be easier to do that, than to try and make RMQ work without a password.

Upvotes: 3

Related Questions