Authentication

Feng Lee edited this page Nov 27, 2015 · 7 revisions

Overview

emqttd support extensible authentication mechanism.

Configuration

Configure authentication method in 'etc/emqttd.config':

    {access, [
        %% Authetication. Anonymous Default
        {auth, [
            %% Authentication with username, password
            %{username, []},
            %% Authentication with clientid
            %{clientid, [{password, no}, {file, "etc/clients.config"}]},
            %% Allow all
            {anonymous, []}
        ]},

emqttd provide three authentication methods by defualt:

  • anonymous: no authentication, usually used when test or development
  • username: authenticate with username and password
  • clientId: authenticate with clientId and ipaddress

Authentication with username, password

etc/emqtt.config

    {access, [
        %% Authetication. Anonymous Default
        {auth, [
            %% Authentication with username, password
            {username, []}
        ]},

load user with './bin/emqttd_ctl'

Load user with './bin/emqttd_ctl users' command.

./bin/emqttd_ctl users add <Username> <Password>

Authentication with clientId and ipaddress

etc/emqtt.config

 {access, [
        %% Authetication. Anonymous Default
        {auth, [
            %% Authentication with clientid
            {clientid, [{password, no}, {file, "etc/clients.config"}]}
        ]},

etc/clients.config

All allowed clientIds in this file, for example:

testclientid0
testclientid1 127.0.0.1
testclientid2 192.168.0.1/24

Authentication with Plugin

Write an authentication plugin to integrate with MySQL, LDAP...etc.

Please check 'plugins/emqttd_auth_mysql', or 'plugins/emqttd_auth_ldap'.

You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.
Press h to open a hovercard with more details.