MQTT broker bridges in RabbitMQ and scalability
Locked
12
12
 
|
Hi,
Is there any broker bridge concept against rabbitmq MQTT plugin , as there is one in Mosquito ? And also how can we scale rabbit mq? Can you refer any architectural diagram for RabbitMQ MQTT plugin. Thanks , Ankur. =====-----=====-----===== _______________________________________________ rabbitmq-discuss mailing list has moved to https://groups.google.com/forum/#!forum/rabbitmq-users, please subscribe to the new list! [hidden email] https://lists.rabbitmq.com/cgi-bin/mailman/listinfo/rabbitmq-discuss |
Re: MQTT broker bridges in RabbitMQ and scalability
|
|
On 15/07/2014 7:45AM, Ankur5 C wrote:
> Is there any broker bridge concept against rabbitmq MQTT plugin , as > there is one in Mosquito ? You can connect RabbitMQ brokers using federation: http://www.rabbitmq.com/federation.html The underlying protocol is AMQP though. Cheers, Simon -- Simon MacMullen RabbitMQ, Pivotal _______________________________________________ rabbitmq-discuss mailing list has moved to https://groups.google.com/forum/#!forum/rabbitmq-users, please subscribe to the new list! [hidden email] https://lists.rabbitmq.com/cgi-bin/mailman/listinfo/rabbitmq-discuss |
|
|
Hi,
I want the default user guest to work from remote host. My rabbitmq config file looks like : [{rabbit, [{tcp_listeners, [5672]},{ssl_listeners, [5671]}, {ssl_options, [{cacertfile,"/etc/rabbitmq/testca/cacert.pem"}, {certfile,"/etc/rabbitmq/server/cert.pem"}, {keyfile,"/etc/rabbitmq/server/key.pem"}, {verify,verify_peer}, {fail_if_no_peer_cert,false}]}]}, {rabbitmq_mqtt, [{default_user, <<"guest">>}, {default_pass, <<"guest">>}, {loopback_users, []}, {allow_anonymous, true}, {vhost, <<"/">>}, {subscription_ttl, 1800000}, {prefetch, 10}, {ssl_listeners, [8883]}, {tcp_listeners, [1883]}, {tcp_listen_options, [binary, {packet, raw}, {reuseaddr, true}, {backlog, 128}, {nodelay, true}]}]} ]. I have mentioned the {loopback_users, []} , and even after restarting the rabbitmq server my mqtt client is saying Not authorized to connect and the logs reveal , MQTT login failed for "guest" access_refused (access must be from localhost). Please suggest. From,local host all is well. Thanks and Regards, Ankur Chakraborty =====-----=====-----===== _______________________________________________ rabbitmq-discuss mailing list has moved to https://groups.google.com/forum/#!forum/rabbitmq-users, please subscribe to the new list! [hidden email] https://lists.rabbitmq.com/cgi-bin/mailman/listinfo/rabbitmq-discuss |
Re: MQTT login failed for "guest" access_refused even after mentioning loopback_users
|
|
On 18 July 2014 at 13:00:44, Ankur5 C ([hidden email]) wrote:
> > {loopback_users, []} loopback_users is a RabbitMQ server config setting, not the MQTT plugin. The example on http://www.rabbitmq.com/access-control.html includes it in the "rabbit" app config. It is also highly recommended to use a new user with non-obvious credentials rather than enabling remote access for "guest". -- MK Staff Software Engineer, Pivotal/RabbitMQ _______________________________________________ rabbitmq-discuss mailing list has moved to https://groups.google.com/forum/#!forum/rabbitmq-users, please subscribe to the new list! [hidden email] https://lists.rabbitmq.com/cgi-bin/mailman/listinfo/rabbitmq-discuss |
|
|
Thanks , I am going to use a new user.
Is it the right way . This time I am getting Bad
user name or password (4). How to
set up a new user ?
[{rabbit, [{tcp_listeners, [5672]},{ssl_listeners, [5671]}, {ssl_options, [{cacertfile,"/etc/rabbitmq/testca/cacert.pem"}, {certfile,"/etc/rabbitmq/server/cert.pem"}, {keyfile,"/etc/rabbitmq/server/key.pem"}, {verify,verify_peer}, {fail_if_no_peer_cert,false}]}]}, {rabbitmq_mqtt, [{default_user, <<"cto">>}, {default_pass, <<"cto">>}, {allow_anonymous, true}, {vhost, <<"/">>}, {subscription_ttl, 1800000}, {prefetch, 10}, {ssl_listeners, [8883]}, {tcp_listeners, [1883]}, {tcp_listen_options, [binary, {packet, raw}, {reuseaddr, true}, {backlog, 128}, {nodelay, true}]}]} ]. Thanks and Regards, Ankur Chakraborty From: Michael Klishin <[hidden email]> To: Ankur5 C <[hidden email]> Cc: Legacy list about RabbitMQ <[hidden email]> Date: 18-07-2014 14:33 Subject: Re: [rabbitmq-discuss] MQTT login failed for "guest" access_refused even after mentioning loopback_users On 18 July 2014 at 13:00:44, Ankur5 C ([hidden email]) wrote: > > {loopback_users, []} loopback_users is a RabbitMQ server config setting, not the MQTT plugin. The example on http://www.rabbitmq.com/access-control.html includes it in the "rabbit" app config. It is also highly recommended to use a new user with non-obvious credentials rather than enabling remote access for "guest". -- MK Staff Software Engineer, Pivotal/RabbitMQ =====-----=====-----===== _______________________________________________ rabbitmq-discuss mailing list has moved to https://groups.google.com/forum/#!forum/rabbitmq-users, please subscribe to the new list! [hidden email] https://lists.rabbitmq.com/cgi-bin/mailman/listinfo/rabbitmq-discuss |
Re: MQTT login failed for "guest" access_refused even after mentioning loopback_users
|
|
On 18 July 2014 at 13:17:40, Ankur5 C ([hidden email]) wrote:
> > This time I am getting Bad user name or password (4). How to set > up a new user ? rabbitmqctl add_user: http://www.rabbitmq.com/man/rabbitmqctl.1.man.html > {rabbitmq_mqtt, [{default_user, <<"cto">>}, > {default_pass, <<"cto">>}, Using the same password as username is a terrible practice. -- MK Staff Software Engineer, Pivotal/RabbitMQ _______________________________________________ rabbitmq-discuss mailing list has moved to https://groups.google.com/forum/#!forum/rabbitmq-users, please subscribe to the new list! [hidden email] https://lists.rabbitmq.com/cgi-bin/mailman/listinfo/rabbitmq-discuss |
Re: MQTT login failed for "guest" access_refused even after mentioning loopback_users
|
|
In reply to this post by Ankur5 C
(18/07/14 10:17), Ankur5 C wrote:
Thanks , I am going to use a new user. Is it the right way . This time I am getting Bad user name or password (4). How to set up a new user ?Just to throw in my 2c, the default_user/default_pass are only applied in the broker when it starts up with an empty database, so when it first starts or after a rabbitmqctl reset. So, whilst you could do that, Michael's suggestion of using rabbitmqctl add_user is virtually always what you want. Hope that's useful.
_______________________________________________ rabbitmq-discuss mailing list has moved to https://groups.google.com/forum/#!forum/rabbitmq-users, please subscribe to the new list! [hidden email] https://lists.rabbitmq.com/cgi-bin/mailman/listinfo/rabbitmq-discuss |
|
|
In reply to this post by Michael Klishin-2
Also sharing my client code : Do I need to use any user name and password
at the client end? try { client = new MqttClient( "tcp://ec2-54-179-77-171.ap-southeast-1.compute.amazonaws.com:1883", "AmazonTest"); client.connect(); System.out.println("Connection status :: "+client .isConnected()); int i=0; MqttMessage message = new MqttMessage(); while(true){ try { i++; Thread.sleep(1000); message.setPayload(("Hii I am Raspberry PI!!!"+Integer.toString(i)).getBytes()); client.publish("Raspberry/test", message); } catch (InterruptedException e) { // TODO Auto-generated catch block e.printStackTrace(); } } } catch (MqttException e) { e.printStackTrace(); } } Thanks and Regards, Ankur Chakraborty Tata Consultancy Services Mailto: [hidden email] Website: http://www.tcs.com ____________________________________________ Experience certainty. IT Services Business Solutions Consulting ____________________________________________ From: Ankur5 C/KOL/TCS To: Michael Klishin <[hidden email]> Cc: Legacy list about RabbitMQ <[hidden email]> Date: 18-07-2014 14:46 Subject: Re: [rabbitmq-discuss] MQTT login failed for "guest" access_refused even after mentioning loopback_users Thanks , I am going to use a new user. Is it the right way . This time I am getting Bad user name or password (4). How to set up a new user ? [{rabbit, [{tcp_listeners, [5672]},{ssl_listeners, [5671]}, {ssl_options, [{cacertfile,"/etc/rabbitmq/testca/cacert.pem"}, {certfile,"/etc/rabbitmq/server/cert.pem"}, {keyfile,"/etc/rabbitmq/server/key.pem"}, {verify,verify_peer}, {fail_if_no_peer_cert,false}]}]}, {rabbitmq_mqtt, [{default_user, <<"cto">>}, {default_pass, <<"cto">>}, {allow_anonymous, true}, {vhost, <<"/">>}, {subscription_ttl, 1800000}, {prefetch, 10}, {ssl_listeners, [8883]}, {tcp_listeners, [1883]}, {tcp_listen_options, [binary, {packet, raw}, {reuseaddr, true}, {backlog, 128}, {nodelay, true}]}]} ]. Thanks and Regards, Ankur Chakraborty From: Michael Klishin <[hidden email]> To: Ankur5 C <[hidden email]> Cc: Legacy list about RabbitMQ <[hidden email]> Date: 18-07-2014 14:33 Subject: Re: [rabbitmq-discuss] MQTT login failed for "guest" access_refused even after mentioning loopback_users On 18 July 2014 at 13:00:44, Ankur5 C ([hidden email]) wrote: > > {loopback_users, []} loopback_users is a RabbitMQ server config setting, not the MQTT plugin. The example on http://www.rabbitmq.com/access-control.html includes it in the "rabbit" app config. It is also highly recommended to use a new user with non-obvious credentials rather than enabling remote access for "guest". -- MK Staff Software Engineer, Pivotal/RabbitMQ =====-----=====-----===== Notice: The information contained in this e-mail message and/or attachments to it may contain confidential or privileged information. If you are not the intended recipient, any dissemination, use, review, distribution, printing or copying of the information contained in this e-mail message and/or attachments to it are strictly prohibited. If you have received this communication in error, please notify us by reply e-mail or telephone and immediately and permanently delete the message and any attachments. Thank you _______________________________________________ rabbitmq-discuss mailing list has moved to https://groups.google.com/forum/#!forum/rabbitmq-users, please subscribe to the new list! [hidden email] https://lists.rabbitmq.com/cgi-bin/mailman/listinfo/rabbitmq-discuss |
Re: MQTT login failed for "guest" access_refused even after mentioning loopback_users
|
|
On 18 July 2014 at 13:43:32, Ankur5 C ([hidden email]) wrote:
> > Also sharing my client code : Do I need to use any user name and > password > at the client end? You can configure MQTT plugin to not perform authentication as authentication is optional in MQTT: http://www.rabbitmq.com/mqtt.html If you ask me, this is a terrible MQTT feature (and in fact I know that some MQTT-based services reject unauthenticated clients). But if you use default_user and default_pass, you do not need to provide any credentials. That's why default_user/default_pass are there. Again, this is pretty clearly documented in http://www.rabbitmq.com/mqtt.html. -- MK Staff Software Engineer, Pivotal/RabbitMQ _______________________________________________ rabbitmq-discuss mailing list has moved to https://groups.google.com/forum/#!forum/rabbitmq-users, please subscribe to the new list! [hidden email] https://lists.rabbitmq.com/cgi-bin/mailman/listinfo/rabbitmq-discuss |
|
|
ok , great i will use guest as default
user and pass.
This is my rabbit config file : [{rabbit, [{tcp_listeners, [5672]},{ssl_listeners, [5671]}, {ssl_options, [{cacertfile,"/etc/rabbitmq/testca/cacert.pem"}, {certfile,"/etc/rabbitmq/server/cert.pem"}, {keyfile,"/etc/rabbitmq/server/key.pem"}, {verify,verify_peer}, {fail_if_no_peer_cert,false}]}]}, {rabbitmq_mqtt, [{default_user, <<"guest">>}, {default_pass, <<"guest">>}, {allow_anonymous, true}, {vhost, <<"/">>}, {subscription_ttl, 1800000}, {prefetch, 10}, {ssl_listeners, [8883]}, {tcp_listeners, [1883]}, {tcp_listen_options, [binary, {packet, raw}, {reuseaddr, true}, {backlog, 128}, {nodelay, true}]}]} ]. Please let me know where should I provide the loopback_users ? Ankur Chakraborty Tata Consultancy Services Plot C, Block EP , Salt Lake Electronics Complex Kolkata - 700091,West Bengal India Ph:- +913366367304 Buzz:- 4337304 Mailto: [hidden email] Website: http://www.tcs.com ____________________________________________ Experience certainty. IT Services Business Solutions Consulting ____________________________________________ From: Michael Klishin <[hidden email]> To: Ankur5 C <[hidden email]> Cc: Legacy list about RabbitMQ <[hidden email]> Date: 18-07-2014 15:22 Subject: Re: [rabbitmq-discuss] MQTT login failed for "guest" access_refused even after mentioning loopback_users On 18 July 2014 at 13:43:32, Ankur5 C ([hidden email]) wrote: > > Also sharing my client code : Do I need to use any user name and > password > at the client end? You can configure MQTT plugin to not perform authentication as authentication is optional in MQTT: http://www.rabbitmq.com/mqtt.html If you ask me, this is a terrible MQTT feature (and in fact I know that some MQTT-based services reject unauthenticated clients). But if you use default_user and default_pass, you do not need to provide any credentials. That's why default_user/default_pass are there. Again, this is pretty clearly documented in http://www.rabbitmq.com/mqtt.html. -- MK Staff Software Engineer, Pivotal/RabbitMQ =====-----=====-----===== _______________________________________________ rabbitmq-discuss mailing list has moved to https://groups.google.com/forum/#!forum/rabbitmq-users, please subscribe to the new list! [hidden email] https://lists.rabbitmq.com/cgi-bin/mailman/listinfo/rabbitmq-discuss |
Re: MQTT login failed for "guest" access_refused even after mentioning loopback_users
|
|
On 18 July 2014 at 14:33:02, Ankur5 C ([hidden email]) wrote:
> > Please let me know where should I provide the loopback_users > ? This is documented with an example in http://www.rabbitmq.com/access-control.html: [{rabbit, [{loopback_users, []}]}]. So, in your case it becomes {rabbit, [{loopback_users, []} {tcp_listeners, [5672]}, {ssl_listeners, [5671]}, {ssl_options, [{cacertfile,"/etc/rabbitmq/testca/cacert.pem"}, {certfile,"/etc/rabbitmq/server/cert.pem"}, {keyfile,"/etc/rabbitmq/server/key.pem"}, {verify,verify_peer}]} -- MK Staff Software Engineer, Pivotal/RabbitMQ _______________________________________________ rabbitmq-discuss mailing list has moved to https://groups.google.com/forum/#!forum/rabbitmq-users, please subscribe to the new list! [hidden email] https://lists.rabbitmq.com/cgi-bin/mailman/listinfo/rabbitmq-discuss |
|
|
Hi,
Just wanted to know using Paho java client how can I connect a rabbit mq mqtt broker using username and password. At the broker side I have to add user and password and add the user from rabbitmq ctl. Then what should be done at the paho java client end ? Please suggest with example. Thanks and Regards, Ankur Chakraborty =====-----=====-----===== _______________________________________________ rabbitmq-discuss mailing list has moved to https://groups.google.com/forum/#!forum/rabbitmq-users, please subscribe to the new list! [hidden email] https://lists.rabbitmq.com/cgi-bin/mailman/listinfo/rabbitmq-discuss |
Re: MQTT login failed for "guest" access_refused even after mentioning loopback_users
|
|
On 22 July 2014 at 10:52:11, Ankur5 C ([hidden email]) wrote:
> > Just wanted to know using Paho java client how can I connect a > rabbit mq mqtt broker using username and password. > > At the broker side I have to add user and password and add the user > from rabbitmq ctl. Then what should be done at the paho java client > end ? > > Please suggest with example. Ankur, You don't need to configure anything in the Paho Java client, just provide a URI, client-id and (possibly) client WAL/persister. This is what two MqttClient constructors do: http://www.eclipse.org/paho/files/javadoc/index.html Also, you do not technically have to add a new user to RabbitMQ but if you connect from remote hosts and want to use reasonable security practices, that's a good idea. That said, in the latter case non-authenticated connections is not what you want. -- MK Staff Software Engineer, Pivotal/RabbitMQ _______________________________________________ rabbitmq-discuss mailing list has moved to https://groups.google.com/forum/#!forum/rabbitmq-users, please subscribe to the new list! [hidden email] https://lists.rabbitmq.com/cgi-bin/mailman/listinfo/rabbitmq-discuss |
|
|
So if I do not use SSL , in that case how
does the authentication occur? Anyone who is aware of the uri can post
data to a topic with a client id ?
What is the significance of the user and pass (mentioned as default user and pass) mentioned in the rabbit config file? I am using the default one and using the tag loopback_users, [] for connecting from remote host. All is working fine. Thanks and Regards, Ankur Chakraborty From: Michael Klishin <[hidden email]> To: Ankur5 C <[hidden email]> Cc: Legacy list about RabbitMQ <[hidden email]> Date: 22-07-2014 15:53 Subject: Re: [rabbitmq-discuss] MQTT login failed for "guest" access_refused even after mentioning loopback_users On 22 July 2014 at 10:52:11, Ankur5 C ([hidden email]) wrote: > > Just wanted to know using Paho java client how can I connect a > rabbit mq mqtt broker using username and password. > > At the broker side I have to add user and password and add the user > from rabbitmq ctl. Then what should be done at the paho java client > end ? > > Please suggest with example. Ankur, You don't need to configure anything in the Paho Java client, just provide a URI, client-id and (possibly) client WAL/persister. This is what two MqttClient constructors do: http://www.eclipse.org/paho/files/javadoc/index.html Also, you do not technically have to add a new user to RabbitMQ but if you connect from remote hosts and want to use reasonable security practices, that's a good idea. That said, in the latter case non-authenticated connections is not what you want. -- MK Staff Software Engineer, Pivotal/RabbitMQ =====-----=====-----===== _______________________________________________ rabbitmq-discuss mailing list has moved to https://groups.google.com/forum/#!forum/rabbitmq-users, please subscribe to the new list! [hidden email] https://lists.rabbitmq.com/cgi-bin/mailman/listinfo/rabbitmq-discuss |
Re: MQTT login failed for "guest" access_refused even after mentioning loopback_users
|
|
On 22 July 2014 at 15:41:40, Ankur5 C ([hidden email]) wrote:
> > So if I do not use SSL , in that case how does the authentication > occur? If you configure RabbitMQ to verify peer, the client will be authenticated. Paho can be configured to perform TLS verification, too. http://www.rabbitmq.com/ssl.html Different clients expose different APIs for enabling/disabling peer verification. There are 3 examples that demonstrate how MQTT clients can be set up to use TLS with peer verification, including 2 Paho clients (Java and Python): https://github.com/michaelklishin/mqtt-tls-playground > Anyone who is aware of the uri can post data to a topic with > a client id ? You do not post data to URIs in MQTT. You open a long-running connection using a URI and client-id, then publish messages using a separate protocol frame (which clients expose as a separate API function/method). In Paho, the method is MqttClient#publish: http://www.eclipse.org/paho/files/javadoc/org/eclipse/paho/client/mqttv3/MqttClient.html#publish(java.lang.String, byte[], int, boolean) Sorry to point this out but this is really basic , a software engineer should be able to figure this out on her own quite quickly. > What is the significance of the user and pass (mentioned as default > user and pass) mentioned in the rabbit config file? We are going in circles on this. This is documented quite clearly: http://www.rabbitmq.com/mqtt.html > I am using the default one and using the tag loopback_users, [] > for connecting from remote host. All is working fine. That can work but now it is possible to connect to your RabbitMQ node using well-known credentials of an administrative user. Doesn't sound incredibly secure to me. -- MK Staff Software Engineer, Pivotal/RabbitMQ _______________________________________________ rabbitmq-discuss mailing list has moved to https://groups.google.com/forum/#!forum/rabbitmq-users, please subscribe to the new list! [hidden email] https://lists.rabbitmq.com/cgi-bin/mailman/listinfo/rabbitmq-discuss |
|
|
I guess I am not able to clarify my question.
Ok let me pose this like , is there any other mode of authentication other than TLS ? When we create topics , is there any feature of role / user based access of those topics? Thanks and Regards, Ankur Chakraborty From: Michael Klishin <[hidden email]> To: Ankur5 C <[hidden email]> Cc: Legacy list about RabbitMQ <[hidden email]> Date: 22-07-2014 17:22 Subject: Re: [rabbitmq-discuss] MQTT login failed for "guest" access_refused even after mentioning loopback_users On 22 July 2014 at 15:41:40, Ankur5 C ([hidden email]) wrote: > > So if I do not use SSL , in that case how does the authentication > occur? If you configure RabbitMQ to verify peer, the client will be authenticated. Paho can be configured to perform TLS verification, too. http://www.rabbitmq.com/ssl.html Different clients expose different APIs for enabling/disabling peer verification. There are 3 examples that demonstrate how MQTT clients can be set up to use TLS with peer verification, including 2 Paho clients (Java and Python): https://github.com/michaelklishin/mqtt-tls-playground > Anyone who is aware of the uri can post data to a topic with > a client id ? You do not post data to URIs in MQTT. You open a long-running connection using a URI and client-id, then publish messages using a separate protocol frame (which clients expose as a separate API function/method). In Paho, the method is MqttClient#publish: http://www.eclipse.org/paho/files/javadoc/org/eclipse/paho/client/mqttv3/MqttClient.html#publish(java.lang.String, byte[], int, boolean) Sorry to point this out but this is really basic , a software engineer should be able to figure this out on her own quite quickly. > What is the significance of the user and pass (mentioned as default > user and pass) mentioned in the rabbit config file? We are going in circles on this. This is documented quite clearly: http://www.rabbitmq.com/mqtt.html > I am using the default one and using the tag loopback_users, [] > for connecting from remote host. All is working fine. That can work but now it is possible to connect to your RabbitMQ node using well-known credentials of an administrative user. Doesn't sound incredibly secure to me. -- MK Staff Software Engineer, Pivotal/RabbitMQ =====-----=====-----===== _______________________________________________ rabbitmq-discuss mailing list has moved to https://groups.google.com/forum/#!forum/rabbitmq-users, please subscribe to the new list! [hidden email] https://lists.rabbitmq.com/cgi-bin/mailman/listinfo/rabbitmq-discuss |
Re: MQTT login failed for "guest" access_refused even after mentioning loopback_users
|
|
On 22 July 2014 at 16:00:08, Ankur5 C ([hidden email]) wrote:
> > Ok let me pose this like , is there any other mode of authentication > other than TLS ? With MQTT you can authenticate using username & password or bypass authentication and use TLS peer verification. Authentication mechanisms in MQTT (the protocol, not the plugin) are not pluggable. RabbitMQ will support TLS certificate authentication [1] for MQTT, too, but currently does not. > When we create topics , is there any feature of role / user based > access of those topics? RabbitMQ itself has fairly flexible authorization: http://www.rabbitmq.com/access-control.html but MQTT (the protocol) does not have the concept of topic authorization as of 3.1.1. So while you can restrict e.g. publishing for MQTT clients (internally, the amq.topic exchange is used by the MQTT plugin), there is no good way to indicate authorization failures to MQTT clients. This is a subject of ongoing debate in the MQTT community, unfortunately, I'm not aware of any suggested improvements for the future spec revisions. 1. https://github.com/rabbitmq/rabbitmq-auth-mechanism-ssl -- MK Staff Software Engineer, Pivotal/RabbitMQ _______________________________________________ rabbitmq-discuss mailing list has moved to https://groups.google.com/forum/#!forum/rabbitmq-users, please subscribe to the new list! [hidden email] https://lists.rabbitmq.com/cgi-bin/mailman/listinfo/rabbitmq-discuss |
|
|
Hi,
Is there any plan to implement rabbitmq's topic authorization and authentication ? Our requirement is the same as mentioned in : https://stormpath.com/blog/lightweight-authentication-and-authorization-for-mqtt-with-stormpath/ Topic based authorization and authentication is required against the MQTT plugin of rabbitmq. Thanks and Regards, Ankur Chakraborty =====-----=====-----===== _______________________________________________ rabbitmq-discuss mailing list has moved to https://groups.google.com/forum/#!forum/rabbitmq-users, please subscribe to the new list! [hidden email] https://lists.rabbitmq.com/cgi-bin/mailman/listinfo/rabbitmq-discuss |
Re: Topic authorization and authentication
|
|
On 29 July 2014 at 09:25:39, Ankur5 C ([hidden email]) wrote:
> > Is there any plan to implement rabbitmq's topic authorization > and authentication ? Our requirement is the same as mentioned > in : > > https://stormpath.com/blog/lightweight-authentication-and-authorization-for-mqtt-with-stormpath/ > > Topic based authorization and authentication is required against > the MQTT plugin of rabbitmq. MQTT 3.1.1 (the protocol) does not have a concept of topic authorization. As soon as it does, we'll look into adding it to RabbitMQ MQTT plugin. -- MK Staff Software Engineer, Pivotal/RabbitMQ _______________________________________________ rabbitmq-discuss mailing list has moved to https://groups.google.com/forum/#!forum/rabbitmq-users, please subscribe to the new list! [hidden email] https://lists.rabbitmq.com/cgi-bin/mailman/listinfo/rabbitmq-discuss |
|
|
Hi,
I am trying to connect rabbitmq over the ssl port but I am getting : accepting AMQP connection <0.231.0> (192.168.161.171:65208 -> 192.168.161.197:5671) =ERROR REPORT==== 30-Jul-2014::17:53:07 === error on AMQP connection <0.231.0>: {ssl_upgrade_error,timeout} My config file is : [{rabbit, [{tcp_listeners, [5672]},{ssl_listeners, [5671]}, {ssl_options, [{cacertfile,"/etc/rabbitmq/testca/cacert.pem"}, {certfile,"/etc/rabbitmq/server/cert.pem"}, {keyfile,"/etc/rabbitmq/server/key.pem"}, {verify,verify_peer}, {fail_if_no_peer_cert,false}]}]} ]. I am using the example https://www.rabbitmq.com/ssl.html , Connecting without validating certificates. Please suggest. Thanks and Regards, Ankur Chakraborty From: Michael Klishin <[hidden email]> To: Ankur5 C <[hidden email]> Cc: Legacy list about RabbitMQ <[hidden email]> Date: 29-07-2014 10:57 Subject: Re: [rabbitmq-discuss] Topic authorization and authentication On 29 July 2014 at 09:25:39, Ankur5 C ([hidden email]) wrote: > > Is there any plan to implement rabbitmq's topic authorization > and authentication ? Our requirement is the same as mentioned > in : > > https://stormpath.com/blog/lightweight-authentication-and-authorization-for-mqtt-with-stormpath/ > > Topic based authorization and authentication is required against > the MQTT plugin of rabbitmq. MQTT 3.1.1 (the protocol) does not have a concept of topic authorization. As soon as it does, we'll look into adding it to RabbitMQ MQTT plugin. -- MK Staff Software Engineer, Pivotal/RabbitMQ =====-----=====-----===== _______________________________________________ rabbitmq-discuss mailing list has moved to https://groups.google.com/forum/#!forum/rabbitmq-users, please subscribe to the new list! [hidden email] https://lists.rabbitmq.com/cgi-bin/mailman/listinfo/rabbitmq-discuss |
«
Return to RabbitMQ
|
1 view|%1 views
| Free forum by Nabble | Edit this page |