[rabbitmq-discuss] MQTT login failed for "guest" access_refused even after mentioning loopback_users
Ankur5 C
ankur5.c at tcs.com
Tue Jul 22 13:00:03 BST 2014
I guess I am not able to clarify my question.
Ok let me pose this like , is there any other mode of authentication other
than TLS ?
When we create topics , is there any feature of role / user based access
of those topics?
Thanks and Regards,
Ankur Chakraborty
From: Michael Klishin <mklishin at gopivotal.com>
To: Ankur5 C <ankur5.c at tcs.com>
Cc: Legacy list about RabbitMQ <rabbitmq-discuss at lists.rabbitmq.com>
Date: 22-07-2014 17:22
Subject: Re: [rabbitmq-discuss] MQTT login failed for "guest"
access_refused even after mentioning loopback_users
On 22 July 2014 at 15:41:40, Ankur5 C (ankur5.c at tcs.com) wrote:
> > So if I do not use SSL , in that case how does the authentication
> occur?
If you configure RabbitMQ to verify peer, the client will be
authenticated.
Paho can be configured to perform TLS verification, too.
http://www.rabbitmq.com/ssl.html
Different clients expose different APIs for enabling/disabling peer
verification.
There are 3 examples that demonstrate how MQTT clients can be set up to
use TLS
with peer verification, including 2 Paho clients (Java and Python):
https://github.com/michaelklishin/mqtt-tls-playground
> Anyone who is aware of the uri can post data to a topic with
> a client id ?
You do not post data to URIs in MQTT. You open a long-running connection
using a URI and client-id, then publish messages using a separate protocol
frame (which clients expose as a separate API function/method).
In Paho, the method is MqttClient#publish:
http://www.eclipse.org/paho/files/javadoc/org/eclipse/paho/client/mqttv3/MqttClient.html#publish(java.lang.String
, byte[], int, boolean)
Sorry to point this out but this is really basic ,
a software engineer should be able to figure this out on her own quite
quickly.
> What is the significance of the user and pass (mentioned as default
> user and pass) mentioned in the rabbit config file?
We are going in circles on this. This is documented quite clearly:
http://www.rabbitmq.com/mqtt.html
> I am using the default one and using the tag loopback_users, []
> for connecting from remote host. All is working fine.
That can work but now it is possible to connect to your RabbitMQ node
using well-known credentials of an administrative user. Doesn't sound
incredibly
secure to me.
--
MK
Staff Software Engineer, Pivotal/RabbitMQ
=====-----=====-----=====
Notice: The information contained in this e-mail
message and/or attachments to it may contain
confidential or privileged information. If you are
not the intended recipient, any dissemination, use,
review, distribution, printing or copying of the
information contained in this e-mail message
and/or attachments to it are strictly prohibited. If
you have received this communication in error,
please notify us by reply e-mail or telephone and
immediately and permanently delete the message
and any attachments. Thank you
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rabbitmq.com/pipermail/rabbitmq-discuss/attachments/20140722/5e8f5f56/attachment.html>
More information about the rabbitmq-discuss
mailing list