[rabbitmq-discuss] MQTT login failed for "guest" access_refused even after mentioning loopback_users
Michael Klishin
mklishin at gopivotal.com
Tue Jul 22 12:51:39 BST 2014
On 22 July 2014 at 15:41:40, Ankur5 C (ankur5.c at tcs.com) wrote:
> > So if I do not use SSL , in that case how does the authentication
> occur?
If you configure RabbitMQ to verify peer, the client will be authenticated.
Paho can be configured to perform TLS verification, too.
http://www.rabbitmq.com/ssl.html
Different clients expose different APIs for enabling/disabling peer verification.
There are 3 examples that demonstrate how MQTT clients can be set up to use TLS
with peer verification, including 2 Paho clients (Java and Python):
https://github.com/michaelklishin/mqtt-tls-playground
> Anyone who is aware of the uri can post data to a topic with
> a client id ?
You do not post data to URIs in MQTT. You open a long-running connection
using a URI and client-id, then publish messages using a separate protocol
frame (which clients expose as a separate API function/method).
In Paho, the method is MqttClient#publish:
http://www.eclipse.org/paho/files/javadoc/org/eclipse/paho/client/mqttv3/MqttClient.html#publish(java.lang.String, byte[], int, boolean)
Sorry to point this out but this is really basic ,
a software engineer should be able to figure this out on her own quite quickly.
> What is the significance of the user and pass (mentioned as default
> user and pass) mentioned in the rabbit config file?
We are going in circles on this. This is documented quite clearly:
http://www.rabbitmq.com/mqtt.html
> I am using the default one and using the tag loopback_users, []
> for connecting from remote host. All is working fine.
That can work but now it is possible to connect to your RabbitMQ node
using well-known credentials of an administrative user. Doesn't sound incredibly
secure to me.
--
MK
Staff Software Engineer, Pivotal/RabbitMQ
More information about the rabbitmq-discuss
mailing list