diff options
Diffstat (limited to 'rabbitmq.conf.d/rabbitmq.conf')
| -rw-r--r-- | rabbitmq.conf.d/rabbitmq.conf | 56 |
1 files changed, 30 insertions, 26 deletions
diff --git a/rabbitmq.conf.d/rabbitmq.conf b/rabbitmq.conf.d/rabbitmq.conf index 31b0cd4910..a9e23b2908 100644 --- a/rabbitmq.conf.d/rabbitmq.conf +++ b/rabbitmq.conf.d/rabbitmq.conf @@ -60,7 +60,7 @@ loopback_user.guest = true ## Uncomment the following line if you want to allow access to the ## guest user from anywhere on the network. -loopback_user.guest = false +# loopback_user.guest = false ## Configuring SSL. ## See http://www.rabbitmq.com/ssl.html for full documentation. @@ -84,7 +84,12 @@ auth_mechanism.amqplain = AMQPLAIN ## Select an authentication database to use. RabbitMQ comes bundled ## with a built-in auth-database, based on mnesia. ## -auth_backend.internal = rabbit_auth_backend_internal +auth_backends.1 = internal + +auth_backends.2.authn = ldap +auth_backends.2.authz = internal + +auth_backends.3.authz = rabbit_auth_backend_uaa ## Configurations supporting the rabbitmq_auth_mechanism_ssl and ## rabbitmq_auth_backend_ldap plugins. @@ -111,10 +116,10 @@ auth_backend.internal = rabbit_auth_backend_internal ## Enable the LDAP auth backend by adding to or replacing the ## auth_backends entry: ## -# auth_backend.ldap = rabbit_auth_backend_ldap +# auth_backends.2 = rabbit_auth_backend_ldap ## Add another backend -# auth_backend.http = rabbit_auth_backend_http +# auth_backend.3 = rabbit_auth_backend_http ## This pertains to both the rabbitmq_auth_mechanism_ssl plugin and @@ -292,7 +297,7 @@ mirroring_sync_batch_size = 4096 ## See http://www.rabbitmq.com/clustering.html#auto-config for ## further details. ## -cluster_nodes.disc.rabbit = rabbit@my.host.com +# cluster_nodes.disc.rabbit = rabbit@my.host.com ## You can define multiple nodes # cluster_nodes.disc.hare = hare@my.host.com @@ -306,7 +311,7 @@ cluster_nodes.disc.rabbit = rabbit@my.host.com ## as net_ticktime; missed keepalive messages will not cause nodes ## to be considered down. ## -cluster_keepalive_interval = 10000 +# cluster_keepalive_interval = 10000 ## ## Statistics Collection @@ -360,7 +365,7 @@ queue_index_embed_msgs_below = 4kb # Kernel section # ====================================== -kernel.net_ticktime = 60 +# kernel.net_ticktime = 60 ## ---------------------------------------------------------------------------- ## RabbitMQ Management Plugin @@ -403,14 +408,13 @@ management.rates_mode = basic ## lengths) is retained. Please read the plugin's documentation in ## http://www.rabbitmq.com/management.html#configuration for more ## details. -## -# QA: Some funny syntax -management.sample_retention_policies.global.60 = 5 -management.sample_retention_policies.global.3600 = 60 -management.sample_retention_policies.global.86400 = 1200 +## Your can use 'minute', 'hour' and '24hours' keys or integer key (in seconds) +management.sample_retention_policies.global.minute = 5 +management.sample_retention_policies.global.hour = 60 +management.sample_retention_policies.global.24hours = 1200 -management.sample_retention_policies.basic.60 = 5 -management.sample_retention_policies.basic.3600 = 60 +management.sample_retention_policies.basic.minute = 5 +management.sample_retention_policies.basic.hour = 60 management.sample_retention_policies.detailed.10 = 5 @@ -469,7 +473,7 @@ stomp.ssl_cert_login = true ## SSL certificate whenever the first frame sent on a session is not a ## CONNECT frame. ## -stomp.implicit_connect = true +# stomp.implicit_connect = true ## ---------------------------------------------------------------------------- ## RabbitMQ MQTT Adapter @@ -495,7 +499,7 @@ stomp.implicit_connect = true ## login information in order to connect. See the default_user/default_pass ## configuration elements for managing logins without authentication. ## -mqtt.allow_anonymous = true +# mqtt.allow_anonymous = true ## If you have multiple chosts, specify the one to which the ## adapter connects. @@ -508,7 +512,7 @@ mqtt.exchange = amq.topic ## Specify TTL (time to live) to control the lifetime of non-clean sessions. ## -mqtt.subscription_ttl = 1800000 +# mqtt.subscription_ttl = 1800000 ## Set the prefetch count (governing the maximum number of unacknowledged ## messages that will be delivered). @@ -552,11 +556,11 @@ mqtt.num_acceptors.ssl = 1 ## Please note that setting this will allow clients to connect without ## authenticating! ## -amqp1.default_user = guest +amqp1_0.default_user = guest ## Enable protocol strict mode. See the README for more information. ## -amqp1.protocol_strict_mode = false +amqp1_0.protocol_strict_mode = false ## Lager controls logging. ## See https://github.com/basho/lager for more documentation @@ -616,10 +620,10 @@ amqp1.protocol_strict_mode = false ## Specify servers to bind to. You *must* set this in order for the plugin ## to work properly. ## -# ldap.servers.myserver = your-server-name-goes-here +# ldap.servers.1 = your-server-name-goes-here ## You can define multiple servers -# ldap.servers.other_server = your-other-server +# ldap.servers.2 = your-other-server ## Connect to the LDAP server using SSL ## @@ -644,7 +648,7 @@ amqp1.protocol_strict_mode = false ## ## Defaults to false. ## -ldap.log = false +# ldap.log = false ## Also can be true or network # ldap.log = true @@ -658,7 +662,7 @@ ldap.log = false ## Pattern to convert the username given through AMQP to a DN before ## binding ## -ldap.user_dn_pattern = cn=${username},ou=People,dc=example,dc=com +# ldap.user_dn_pattern = cn=${username},ou=People,dc=example,dc=com ## Alternatively, you can convert a username to a Distinguished ## Name via an LDAP lookup after binding. See the documentation for @@ -668,8 +672,8 @@ ldap.user_dn_pattern = cn=${username},ou=People,dc=example,dc=com ## the name of the attribute that represents the user name, and the ## base DN for the lookup query. ## -ldap.dn_lookup_attribute = userPrincipalName -ldap.dn_lookup_base = DC=gopivotal,DC=com +# ldap.dn_lookup_attribute = userPrincipalName +# ldap.dn_lookup_base = DC=gopivotal,DC=com ## Controls how to bind for authorisation queries and also to ## retrieve the details of users logging in without presenting a @@ -681,7 +685,7 @@ ldap.dn_lookup_base = DC=gopivotal,DC=com ## ## Defaults to 'as_user'. ## -ldap.other_bind = as_user +# ldap.other_bind = as_user ## Or can be more complex: # ldap.other_bind.user_dn = User |