Chapter 7. Security
7.1. Securing connections with SSL/TLS
AMQ JavaScript uses SSL/TLS to encrypt communication between clients and servers.
To connect to a remote server with SSL/TLS, set the transport
connection option to tls
.
Example: Enabling SSL/TLS
var opts = {
host: "example.com",
port: 5671,
transport: "tls"
};
container.connect(opts);
By default, the client will reject connections to servers with untrusted certificates. This is sometimes the case in test environments. To bypass certificate authorization, set the rejectUnauthorized
connection option to false
. Be aware that this compromises the security of your connection.
7.2. Connecting with a user and password
AMQ JavaScript can authenticate connections with a user and password.
To specify the credentials used for authentication, set the username
and password
connection options.
Example: Connecting with a user and password
var opts = { host: "example.com", username: "alice", password: "secret" }; container.connect(opts);
7.3. Configuring SASL authentication
AMQ JavaScript uses the SASL protocol to perform authentication. SASL can use a number of different authentication mechanisms. When two network peers connect, they exchange their allowed mechanisms, and the strongest mechanism allowed by both is selected.
AMQ JavaScript enables SASL mechanisms based on the presence of user and password information. If the user and password are both specified, PLAIN
is used. If only a user is specified, ANONYMOUS
is used. If neither is specified, SASL is disabled.