We are currently evaluating NServiceBus in combination with RabbitMQ, and we have a security-related question. Basically, we would like to avoid giving more permissions than they should to application users on the broker. Therefore, we think they should not necessarily be able to create/delete exchanges, bindings and queues. The necessary broker config should be done beforehand.
I was thinking this was one of the goals of having installers in NServiceBus, but this does not seem to work. Our idea was to start our application in “Install mode” with a RabbitMQ user having administrative privileges, creating all queues, exchanges and bindings, but without starting the endpoint.
Then we would start it normally, with restricted rights (basic publish/consume) on the previously created artifacts. However, when starting an endpoint or sending a message, NServiceBus seems to systematically try to configure exchanges, bindings and queues even if they exists, which fails if the user does not have permissions.
Does someone have any idea on how could we separate deployment/broker config and runtime security needs?