You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Maybe the problem belongs to the following issue: Notification if HiveMQ starts without Security Extension in CE #56
We are using HiveMQ CE in our Spring mircoservice environment. To secure the communication with the IoT platform, we developed an Authenticator and Authorizer Extension with Spring Boot, Spring Security und Spring Cloud.
HiveMQ CE Version: 2019.1
HiveMQ SDK Version: 4.0.0
Problem
In some cases it's possible for devices to connect with the HiveMQ broker before the extension is ready or if it failed on start up. This can cause data loss in some cases, e. g. if the device connects and sends data with QoS 0.
Is there a way to configure the InternalConfigurations.AUTH_DENY_UNAUTHENTICATED_CONNECTIONS property?
The HiveMQ doesn't shut down if the extension fails. Here we need to configure the environment to detect HiveMQ instances without running extensions.
Is there a way to prevent the start up if an extension fails? Is it planned to add a "mandatory" flag for extensions (like "disabled")?
Preferred solution or suggestions
It would be great if the property, inside the HiveMQ CE implementation, InternalConfigurations.AUTH_DENY_UNAUTHENTICATED_CONNECTIONS is configureable via XML file.
A "mandatory" flag for extensions and a shutdown of the HiveMQ broker if the mandatory extension fails.
Best regards,
Florian Freimann
The text was updated successfully, but these errors were encountered:
Thank you for your feedback and sorry for the late response.
We included the feature request already for internal discussion and will keep you updated in the ticket here.
Please also watch the issue you linked (#56 ) as it is related to this.
With #126 the default behaviour is to deny connections when no security extension is present.
If a security extension startup fails, HiveMQ can be safely stopped without creating a time window where unauthenticated clients can connect.
Problem or use case
Maybe the problem belongs to the following issue: Notification if HiveMQ starts without Security Extension in CE #56
We are using HiveMQ CE in our Spring mircoservice environment. To secure the communication with the IoT platform, we developed an Authenticator and Authorizer Extension with Spring Boot, Spring Security und Spring Cloud.
HiveMQ CE Version: 2019.1
HiveMQ SDK Version: 4.0.0
Problem
Is there a way to configure the InternalConfigurations.AUTH_DENY_UNAUTHENTICATED_CONNECTIONS property?
Is there a way to prevent the start up if an extension fails? Is it planned to add a "mandatory" flag for extensions (like "disabled")?
Preferred solution or suggestions
It would be great if the property, inside the HiveMQ CE implementation, InternalConfigurations.AUTH_DENY_UNAUTHENTICATED_CONNECTIONS is configureable via XML file.
A "mandatory" flag for extensions and a shutdown of the HiveMQ broker if the mandatory extension fails.
Best regards,
Florian Freimann
The text was updated successfully, but these errors were encountered: