Add a note about Qpid authentication

Add a note about configuring Qpid authentication for production environments. Closes-Bug: #1266373 Change-Id: I5d377fa321d90ea20ec8da9f5d81950d6e3124d0
2014-01-10 22:53:08 -05:00 · 2014-01-10 22:53:08 -05:00 · 5100778156
commit 5100778156
parent a649dcb192
1 changed files with 18 additions and 0 deletions
--- a/doc/install-guide/ch_basics.xml
+++ b/doc/install-guide/ch_basics.xml
@ -623,6 +623,24 @@ bind-address            = 192.168.0.10</programlisting>
      the <literal>auth</literal> option to
      <literal>no</literal>.</para>
    <screen os="fedora;centos;rhel"> <userinput>auth=no</userinput></screen>
+    <note os="fedora;centos;rhel">
+      <para>
+        To simplify configuration, the Qpid examples in this guide do not use
+        authentication. However, we strongly advise enabling authentication
+        for production deployments. For more information on securing Qpid
+        refer to the
+        <link xlink:href=
+            "http://qpid.apache.org/books/trunk/AMQP-Messaging-Broker-CPP-Book/html/chap-Messaging_User_Guide-Security.html"
+        >Qpid Documentation</link>.
+      </para>
+      <para>
+        After enabling Qpid authenticaton, you must update the configuration
+        file of each OpenStack service to ensure that the
+        <literal>qpid_username</literal> and <literal>qpid_password</literal>
+        configuration keys refer to a valid Qpid username and password,
+        respectively.
+      </para>
+    </note>
    <para os="fedora;centos;rhel">Start Qpid and set it to start
      automatically when the system boots.</para>
    <screen os="fedora;centos;rhel"><prompt>#</prompt> <userinput>service qpidd start</userinput>