[rabbitmq-discuss] MQTT topic ACLs Query
mark at wolfe.id.au
Tue Jan 7 12:10:13 GMT 2014
I am working on moving an IoT platform from a custom TCP protocol across to
MQTT, the aim is to provide a combined topic structure for these devices
partitioned by a user identifier then a group or zone identifier.
We have in home and cloud services, with a range of topics used by either
Incoming messages to the central cloud services, which are sent from the in
home gateway are organised under $cloud base, note variable params are
signified by :
Outgoing to the gateway, these are subscribed to by the software on the
Now given that each gateway authenticates using a username and password the
types of rules we are looking for are very similar to those currently
present in RabbitMQ, for AMQP.
Restrict write access to the outgoing topics
$cloud/[userid]/[zoneid]/[gwid]/.* for a given user.
Restrict read access to the incoming topics $gw/[userid]/[zoneid]/[gwid]/.*
for a given user.
The aim here is to keep a given user constrained to a part of the topic
The reason I am keen to continue using RabbitMQ is it has done a sterling
job of knitting together a number of internal services, most of which
connect using AMQP, using either amqplib by Michael Bridgen or the golang
AMQP library by Sean Treadway.
Outside our core I am keen to use MQTT as:
- the gateway devices are in a lot of cases are on consumer wireless
- in some cases these will be micro controllers such as Arduinos
- mostly non x86, so arm and mips based systems.
Hopefully that gives you some insight into what I am hoping to achieve.
On Tue, Jan 7, 2014 at 7:29 PM, Emile Joubert <emile at rabbitmq.com> wrote:
> Hi Mark,
> On 07/01/14 07:38, Mark Wolfe wrote:
> > Interested to hear if anyone intends to add ACL support to the MQTT
> > At the moment it is built around routing keys which as i understand
> > cannot be controlled by the existing ACLs.
> There are no immediate plans to grant permissions on individual topics.
> That is because the feature barely mentioned in the current
> specification, and also because it has no equivalent in AMQP.
> Can you describe your use-case in more detail? This will help us to
> determine which features to include.
I am not young enough to know everything.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the rabbitmq-discuss