Folks, I am just playing with API and getting strange result, may be i am doing something wrong please correct me. [root@aio1-rabbit-mq-container-5233d3c3 root]# rabbitmqctl list_vhosts Listing vhosts ... name /neutron /designate /keystone /aodh / /nova /glance /ceilometer and i have configured monitoring user to query data from API Following works and i am getting data #curl -s http://172.29.239.29:15672/api/vhosts --user monitoring:de4a28d10da980077cea | jq now try to query specific vhosts like nova getting error # curl -s http://172.29.239.29:15672/api/vhosts/nova --user monitoring:de4a28d10da980077cea | jq { "error": "not_authorised", "reason": "Not administrator user" } Even i set full permission, getting same error no_authorised, what i am missing? # rabbitmqctl set_permissions monitoring -p /nova "" "" ""
On 5/8/20 12:18 AM, Satish Patel wrote:
Folks,
I am just playing with API and getting strange result, may be i am doing something wrong please correct me.
[root@aio1-rabbit-mq-container-5233d3c3 root]# rabbitmqctl list_vhosts Listing vhosts ... name /neutron /designate /keystone /aodh / /nova /glance /ceilometer
and i have configured monitoring user to query data from API
Following works and i am getting data #curl -s http://172.29.239.29:15672/api/vhosts --user monitoring:de4a28d10da980077cea | jq
now try to query specific vhosts like nova getting error
# curl -s http://172.29.239.29:15672/api/vhosts/nova --user monitoring:de4a28d10da980077cea | jq { "error": "not_authorised", "reason": "Not administrator user" }
Even i set full permission, getting same error no_authorised, what i am missing?
# rabbitmqctl set_permissions monitoring -p /nova "" "" ""
As per: https://www.rabbitmq.com/access-control.html The syntax is: rabbitmqctl set_permissions 'username' -p '/nova' '.*' '.*' '.*' Cheers, Thomas Goirand (zigo)
I have already tried that and same error, most of people saying use "" "" "" will give you full access. On Thu, May 7, 2020 at 8:28 PM Thomas Goirand <zigo@debian.org> wrote:
On 5/8/20 12:18 AM, Satish Patel wrote:
Folks,
I am just playing with API and getting strange result, may be i am doing something wrong please correct me.
[root@aio1-rabbit-mq-container-5233d3c3 root]# rabbitmqctl list_vhosts Listing vhosts ... name /neutron /designate /keystone /aodh / /nova /glance /ceilometer
and i have configured monitoring user to query data from API
Following works and i am getting data #curl -s http://172.29.239.29:15672/api/vhosts --user monitoring:de4a28d10da980077cea | jq
now try to query specific vhosts like nova getting error
# curl -s http://172.29.239.29:15672/api/vhosts/nova --user monitoring:de4a28d10da980077cea | jq { "error": "not_authorised", "reason": "Not administrator user" }
Even i set full permission, getting same error no_authorised, what i am missing?
# rabbitmqctl set_permissions monitoring -p /nova "" "" ""
As per: https://www.rabbitmq.com/access-control.html
The syntax is: rabbitmqctl set_permissions 'username' -p '/nova' '.*' '.*' '.*'
Cheers,
Thomas Goirand (zigo)
Hi, On Thu, May 7, 2020 at 6:18 PM Satish Patel <satish.txt@gmail.com> wrote:
# curl -s http://172.29.239.29:15672/api/vhosts/nova --user monitoring:de4a28d10da980077cea | jq { "error": "not_authorised", "reason": "Not administrator user" }
Even i set full permission, getting same error no_authorised, what i am missing?
# rabbitmqctl set_permissions monitoring -p /nova "" "" ""
Make sure your user as one of the following tag to be able to access the management interface: management, policymaker, monitoring or administrator tag https://www.rabbitmq.com/management.html#permissions -- Mathieu
I did following # rabbitmqctl add_user test test # rabbitmqctl set_user_tags test administrator # rabbitmqctl set_permissions -p / test ".*" ".*" ".*" Now i am getting following error, look like something is missing here, my vhost name is /nova so do i need to specify "/" in api call? # curl -s http://172.29.239.29:15672/api/vhosts/nova --user test:test | jq { "error": "Object Not Found", "reason": "Not Found" } On Thu, May 7, 2020 at 8:52 PM Mathieu Gagné <mgagne@calavera.ca> wrote:
Hi,
On Thu, May 7, 2020 at 6:18 PM Satish Patel <satish.txt@gmail.com> wrote:
# curl -s http://172.29.239.29:15672/api/vhosts/nova --user monitoring:de4a28d10da980077cea | jq { "error": "not_authorised", "reason": "Not administrator user" }
Even i set full permission, getting same error no_authorised, what i am missing?
# rabbitmqctl set_permissions monitoring -p /nova "" "" ""
Make sure your user as one of the following tag to be able to access the management interface: management, policymaker, monitoring or administrator tag
https://www.rabbitmq.com/management.html#permissions
-- Mathieu
I think you need to encode your / as %2F So the URL becomes: http://172.29.239.29:15672/api/vhosts/%2Fnova -- Mathieu On Thu, May 7, 2020 at 9:39 PM Satish Patel <satish.txt@gmail.com> wrote:
I did following
# rabbitmqctl add_user test test # rabbitmqctl set_user_tags test administrator # rabbitmqctl set_permissions -p / test ".*" ".*" ".*"
Now i am getting following error, look like something is missing here, my vhost name is /nova so do i need to specify "/" in api call?
# curl -s http://172.29.239.29:15672/api/vhosts/nova --user test:test | jq { "error": "Object Not Found", "reason": "Not Found" }
On Thu, May 7, 2020 at 8:52 PM Mathieu Gagné <mgagne@calavera.ca> wrote:
Hi,
On Thu, May 7, 2020 at 6:18 PM Satish Patel <satish.txt@gmail.com> wrote:
# curl -s http://172.29.239.29:15672/api/vhosts/nova --user monitoring:de4a28d10da980077cea | jq { "error": "not_authorised", "reason": "Not administrator user" }
Even i set full permission, getting same error no_authorised, what i am missing?
# rabbitmqctl set_permissions monitoring -p /nova "" "" ""
Make sure your user as one of the following tag to be able to access the management interface: management, policymaker, monitoring or administrator tag
https://www.rabbitmq.com/management.html#permissions
-- Mathieu
Damn it, you are goddamn right!!! thank you.. On Thu, May 7, 2020 at 10:19 PM Mathieu Gagné <mgagne@calavera.ca> wrote:
I think you need to encode your / as %2F
So the URL becomes: http://172.29.239.29:15672/api/vhosts/%2Fnova
-- Mathieu
On Thu, May 7, 2020 at 9:39 PM Satish Patel <satish.txt@gmail.com> wrote:
I did following
# rabbitmqctl add_user test test # rabbitmqctl set_user_tags test administrator # rabbitmqctl set_permissions -p / test ".*" ".*" ".*"
Now i am getting following error, look like something is missing here, my vhost name is /nova so do i need to specify "/" in api call?
# curl -s http://172.29.239.29:15672/api/vhosts/nova --user test:test | jq { "error": "Object Not Found", "reason": "Not Found" }
On Thu, May 7, 2020 at 8:52 PM Mathieu Gagné <mgagne@calavera.ca> wrote:
Hi,
On Thu, May 7, 2020 at 6:18 PM Satish Patel <satish.txt@gmail.com> wrote:
# curl -s http://172.29.239.29:15672/api/vhosts/nova --user monitoring:de4a28d10da980077cea | jq { "error": "not_authorised", "reason": "Not administrator user" }
Even i set full permission, getting same error no_authorised, what i am missing?
# rabbitmqctl set_permissions monitoring -p /nova "" "" ""
Make sure your user as one of the following tag to be able to access the management interface: management, policymaker, monitoring or administrator tag
https://www.rabbitmq.com/management.html#permissions
-- Mathieu
participants (3)
-
Mathieu Gagné
-
Satish Patel
-
Thomas Goirand