[rabbitmq-discuss] MQTT login failed for "guest" access_refused even after mentioning loopback_users

Michael Klishin mklishin at gopivotal.com
Tue Jul 22 12:51:39 BST 2014

On 22 July 2014 at 15:41:40, Ankur5 C (ankur5.c at tcs.com) wrote:
> > So if I do not use SSL , in that case how does the authentication  
> occur?

If you configure RabbitMQ to verify peer, the client will be authenticated.
Paho can be configured to perform TLS verification, too.


Different clients expose different APIs for enabling/disabling peer verification.
There are 3 examples that demonstrate how MQTT clients can be set up to use TLS
with peer verification, including 2 Paho clients (Java and Python):


> Anyone who is aware of the uri can post data to a topic with  
> a client id ?

You do not post data to URIs in MQTT. You open a long-running connection
using a URI and client-id, then publish messages using a separate protocol
frame (which clients expose as a separate API function/method).

In Paho, the method is MqttClient#publish:
http://www.eclipse.org/paho/files/javadoc/org/eclipse/paho/client/mqttv3/MqttClient.html#publish(java.lang.String, byte[], int, boolean)

Sorry to point this out but this is really basic  ,
a software engineer should be able to figure this out on her own quite quickly.

> What is the significance of the user and pass (mentioned as default  
> user and pass) mentioned in the rabbit config file?

We are going in circles on this. This is documented quite clearly:

> I am using the default one and using the tag loopback_users, []  
> for connecting from remote host. All is working fine.

That can work but now it is possible to connect to your RabbitMQ node
using well-known credentials of an administrative user. Doesn't sound incredibly
secure to me.

Staff Software Engineer, Pivotal/RabbitMQ

More information about the rabbitmq-discuss mailing list