How to enable authentication rabbitmq

RabbitmqHow-ToBeginner · 4 min read

How to Enable Authentication in RabbitMQ: Simple Steps

To enable authentication in RabbitMQ, ensure the rabbitmq_auth_backend_internal plugin is enabled (it is by default), then create users with rabbitmqctl add_user and set permissions with rabbitmqctl set_permissions. Authentication is active by default, so managing users and permissions controls access.

📐

Syntax

Authentication in RabbitMQ uses users and permissions managed by rabbitmqctl. The main commands are:

rabbitmqctl add_user <username> <password>: Adds a new user.
rabbitmqctl set_permissions -p <vhost> <username> <conf> <write> <read>: Sets permissions for the user on a virtual host.
rabbitmqctl delete_user <username>: Removes a user.

The default authentication backend is internal, which stores users in RabbitMQ itself.

bash

rabbitmqctl add_user myuser mypassword
rabbitmqctl set_permissions -p / myuser ".*" ".*" ".*"

💻

Example

This example shows how to create a user named guestuser with password guestpass and give full permissions on the default virtual host /.

bash

sudo rabbitmqctl add_user guestuser guestpass
sudo rabbitmqctl set_permissions -p / guestuser ".*" ".*" ".*"
sudo rabbitmqctl list_users

Output

Listing users ... guest [administrator] guestuser []

⚠️

Common Pitfalls

Common mistakes when enabling authentication in RabbitMQ include:

Trying to connect with the default guest user remotely, which is disabled by default for security.
Not setting permissions for new users, causing connection failures.
Forgetting to restart RabbitMQ after changing configuration files (if you modify rabbitmq.conf).

Always create users and set permissions explicitly for your applications.

bash

## Wrong: Using guest user remotely (will fail)
# Connect with guest user from remote machine

## Right: Create a new user and set permissions
sudo rabbitmqctl add_user appuser apppass
sudo rabbitmqctl set_permissions -p / appuser ".*" ".*" ".*"

📊

Quick Reference

Command	Description
rabbitmqctl add_user	Create a new user with password
rabbitmqctl delete_user	Remove an existing user
rabbitmqctl set_permissions -p	Set user permissions on a virtual host
rabbitmqctl list_users	List all users and their tags
rabbitmqctl authenticate_user	Test user authentication (RabbitMQ 3.8+)

✅

Key Takeaways

RabbitMQ authentication is enabled by default using internal user database.

Create users with rabbitmqctl add_user and assign permissions with set_permissions.

The default guest user cannot connect remotely for security reasons.

Always set permissions explicitly to allow user access to virtual hosts.

Use rabbitmqctl list_users to verify users and their roles.