[rabbitmq-discuss] MQTT login failed for "guest" access_refused even after mentioning loopback_users
mklishin at gopivotal.com
Tue Jul 22 12:51:39 BST 2014
On 22 July 2014 at 15:41:40, Ankur5 C (ankur5.c at tcs.com) wrote:
> > So if I do not use SSL , in that case how does the authentication
If you configure RabbitMQ to verify peer, the client will be authenticated.
Paho can be configured to perform TLS verification, too.
Different clients expose different APIs for enabling/disabling peer verification.
There are 3 examples that demonstrate how MQTT clients can be set up to use TLS
with peer verification, including 2 Paho clients (Java and Python):
> Anyone who is aware of the uri can post data to a topic with
> a client id ?
You do not post data to URIs in MQTT. You open a long-running connection
using a URI and client-id, then publish messages using a separate protocol
frame (which clients expose as a separate API function/method).
In Paho, the method is MqttClient#publish:
http://www.eclipse.org/paho/files/javadoc/org/eclipse/paho/client/mqttv3/MqttClient.html#publish(java.lang.String, byte, int, boolean)
Sorry to point this out but this is really basic ,
a software engineer should be able to figure this out on her own quite quickly.
> What is the significance of the user and pass (mentioned as default
> user and pass) mentioned in the rabbit config file?
We are going in circles on this. This is documented quite clearly:
> I am using the default one and using the tag loopback_users, 
> for connecting from remote host. All is working fine.
That can work but now it is possible to connect to your RabbitMQ node
using well-known credentials of an administrative user. Doesn't sound incredibly
secure to me.
Staff Software Engineer, Pivotal/RabbitMQ
More information about the rabbitmq-discuss