Contents
- Security Mechanisms
- Access Controls
- Setting Custom Passwords
- Defining New Logins
- Security FAQ

- OpenAMQ/1.0 is designed for intranet use and does not provide encryption, secure authentication, or access controls. Applications log in using plain-text logins and passwords, using the SASL PLAIN mechanism.
- OpenAMQ/1.1, under development, will have TLS/SSL encryption and will support secure authentication.

By default a new OpenAMQ installation is insecure. For production use
you must define non-default passwords as explained below. If you run the
server with the default passwords, it will issue this message at startup:

    W: security warning - logins use default passwords

AMQP applications must authenticate using a user login that amq_server
accepts. User logins and corresponding passwords are defined in the
server configuration file.
amq_server defines three types of user:
- Normal application logins, which can do all normal operations on the server. The default normal login is "guest", with password "guest".
- Super-user logins, which can exceed configured limits and do updates via the OpenAMQ Console. The default super user login is "super", with password "super".
- Cluster logins, which are used only between clustered servers. The default cluster login is "cluster", with password "cluster". Note that

We advise you to set custom passwords for all production use of OpenAMQ.
To do this, in the file amq_server.cfg, add this section:

    <security name = "plain">
        <user name = "guest" password = "[new normal password]" />
        <user name = "super" password = "[new super password]" />
    </security>

Note that if amq_server.cfg does not already exist, it should look like
this (when empty):

    <?xml version="1.0"?>
    <config>
        <!-- Configuration data comes here -->
    </config>

To create new logins for normal applications, add lines in this form
to the amq_server.cfg file:

    <security name = "plain">
        <user name = "[login name]" password = "[new normal password]" group = "normal"/>
    </security>

To create new logins for super user applications, add lines in this form
to the amq_server.cfg file:

    <security name = "plain">
        <user name = "[login name]" password = "[new super password]" group = "super"/>
    </security>

- Where do I place the amq_server.cfg file? Answer: the amq_server.cfg file must be accessible to the amq_server executable when you start it. The simplest technique is to place the configuration file in the directory where you run the server. Alternatively you can place the configuration data on the path, e.g. together with the server binary.
- What protection should I put on the configuration file? Answer: the configuration file should not be readable or writable by unauthorised system users.
- Can I rename the configuration file? Answer: yes, the server '-s' option lets you specify alternative configuration file names.
- Will OpenAMQ support a more robust security model in the future? Answer: yes. The current security model in OpenAMQ is not intended to protect against hostile access but rather accidental access to the wrong server. Future versions of OpenAMQ will support more robust security mechanisms.
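
The advice above on custom passwords and on protecting the configuration file can be checked before the server is started. The following is an added example, not part of OpenAMQ or of the original page: it audits an amq_server.cfg for logins left at the documented defaults and for POSIX permissions that let other users read or write the file. The function names, the sample configuration and the rule that a default login missing from the file keeps its built-in password are assumptions of this example.

```python
import os, stat, tempfile
import xml.etree.ElementTree as ET
# Default logins and passwords as listed in the documentation above.
DEFAULTS = {"guest": "guest", "super": "super", "cluster": "cluster"}

# Constructed sample: "guest" was changed, "super" was left at its default.
SAMPLE_CFG = """<?xml version="1.0"?>
<config>
    <security name = "plain">
        <user name = "guest" password = "constructed-example-1" />
        <user name = "super" password = "super" />
    </security>
</config>
"""

def audit_config(path):
    """Return a list of findings for an amq_server.cfg file."""
    findings = []
    # Plain-text passwords: only the owner should read or write the file.
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & 0o066:
        findings.append(f"file mode {mode:04o} lets group/other read or write")
    seen = {}
    for sec in ET.parse(path).getroot().iter("security"):
        if sec.get("name") == "plain":
            for user in sec.iter("user"):
                seen[user.get("name")] = user.get("password")
    for name, password in seen.items():
        if not password:
            findings.append(f"login '{name}' has an empty password")
        elif DEFAULTS.get(name) == password:
            findings.append(f"login '{name}' still uses its default password")
    # Assumption: a default login the file does not override keeps its password.
    for name in DEFAULTS:
        if name not in seen:
            findings.append(f"default login '{name}' is not overridden")
    return findings

def audit_text(cfg_text, mode=0o600):
    # Helper for the demo: write cfg_text to a temp file with the given mode.
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "amq_server.cfg")
        with open(path, "w") as fh:
            fh.write(cfg_text)
        os.chmod(path, mode)
        return audit_config(path)

if __name__ == "__main__":
    for finding in audit_text(SAMPLE_CFG, mode=0o644):
        print("W:", finding)
```

For a real installation, call audit_config() with the path to the configuration file the server is started with.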