RabbitMQ Lab — VLibTour Group communication system with authentication
Introduction to the lab
This lab is about the use cases that are presented in Section 2.3 of the micro-project. The architectural entities that are concerned are the group communication system and the tourist application that are presented in Section 4 of the same document.
In this page, we add authentication to the group communication system that you have developed in the previous page.
This page does not contain a definite step by step description of how to design the group communication of the micro-project. The description is not exhaustive: We only provide essential clues for a possible architecting of the AMQP infrastructure. Please refer to the tutorial lab for the explanations about the AMQP and RabbitMQ concepts, and for the corresponding code examples. For instance, in this lab, we mainly make use of Step 5 of the tutorial—i.e. by mimicking the code of the classes EmitLogTopic and ReceiveLogsTopic in directory ExemplesRabbitMQ/RabbitMQ-Tutorial-Step5 of the examples.
Group communication system in a dedicated virtual host and with authentication
Before starting the refactoring for adding privacy concerns to the group communication systems, read the documentation page on the AMQP concept of virtual host, and then the section User Management of the rabbitmqctl command manual.
As an example, try the following sequence of commands in a terminal:
AMQP architecture of the system
The only difference with the previous figure is the fact that all the AMQP elements (exchange and queues) are in a dedicated virtual host. Since identifiers must be unique in a virtual host, we have also somewhat simplified the names of the exchange, of the queues, and of the binding keys.
This is the final architecture that we propose for a group communication system of a visit—i.e. a group of tourists in a tour. This architecture is going to be built by the lobby room server, which is going to be the subject of the next lab. In the sequel of this lab, we prepare class VLibTourGroupCommunicationSystemProxy for its use with access control to an AMQP virtual host.
Additional design elements
There two ways to open a channel to a broker:
- Create a ConnectionFactory, set the host by calling ConnectionFactory::setHost, etc., open the connection by calling ConnectionFactory::newConnection, and create the channel by calling Connection::createChannel. This is the approach that we have used up to now;
- Create a ConnectionFactory, set a URL by calling ConnectionFactory::setUri, open the connection by calling ConnectionFactory::newConnection, and create the channel by calling Connection::createChannel. Compared to the previous approach, all the configuration parameters are set via the URL—i.e. one method call that replaces "ConnectionFactory::setHost, etc.".
In the next lab, the URL that is going to be returned to the client by the call to createGroupAndJoinIt of the lobby room server will be of the form "amqp://userName:password@hostName:portNumber/virtualHost". Considering that a connection factory is created (see variable factory in the following assignment statement), the URL that is going to be returned by the lobby room to the tourist application will be of the form:
On the client side, the tourist application can use the URL for setting the configuration of the connection factory: e.g. the two instructions "ConnectionFactory factory = new ConnectionFactory();", and "factory.setHost("localhost");" will be replaced by the following instructions:
These two instructions are the easiest way to manage access control on the client side—i.e. no calls to ConnectionFactory::setVirtualHost, ConnectionFactory::setUserName, ConnectionFactory::setPassword, etc.
Adaptation of class VLibTourGroupCommunicationSystemProxy
Adapt the code of class VLibTourGroupCommunicationSystemProxy to use a virtual host and add access control: The argument for connecting to RabbitMQ is a URL.
Adapt also your JUnit classes, and perhaps shell scripts. Use some rabbitmqctl commands to create the users and to set their permissions.
$Date: 2020-10-21 16:05:30 +0200 (mer. 21 oct. 2020) $