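MQTT password protected channel
I am using Mosquitto as the MQTT broker on my local network, with several clients publishing and subscribing to different channels.
Since the clients authenticate against mosquitto to access the broker (using password_file in the config), is there any way to secure individual channels?
I would like to allow some sensors to control the light (i.e.), but not every sensor should be able to control the windows.
Mosquitto supports ACLs, which let you set which topics a user can subscribe/publish to. The mosquitto.conf man page has the details on how to create an ACL file: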
acl_file file path
Set the path to an access control list file. If
defined, the contents of the file are used to control client access to
topics on the broker.
If this parameter is defined then only the topics listed will have
access. Topic access is added with lines of the format:
topic [read|write|readwrite] <topic>
The access type is controlled using "read", "write" or "readwrite".
This parameter is optional (unless <topic> includes a space character)
- if not given then the access is read/write. <topic> can contain the + or # wildcards as in subscriptions.
The first set of topics are applied to anonymous clients, assuming
allow_anonymous is true. User specific topic ACLs are added after a
user line as follows:
user <username>
The username referred to here is the same as in password_file. It is
not the clientid.
It is also possible to define ACLs based on pattern substitution
within the topic. The form is the same as for the topic keyword, but
using pattern as the keyword.
pattern [read|write|readwrite] <topic>
The patterns available for substitution are:
%c to match the client id of the client
%u to match the username of the client
The substitution pattern must be the only text for that level of
hierarchy. Pattern ACLs apply to all users even if the "user" keyword
has previously been given.
Example:
pattern write sensor/%u/data
Allow access for bridge connection messages:
pattern write $SYS/broker/connection/%c/state
If the first character of a line of the ACL file is a # it is treated
as a comment.
Reloaded on reload signal. The currently loaded ACLs will be freed and
reloaded. Existing subscriptions will be affected after the reload.
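The rules quoted above, applied to the light/window scenario from the question. This is an added example, not part of the original answer and not Mosquitto's own code: it is a simplified model of the ACL semantics, and the usernames (motion1, rainsensor, dashboard) and topic names are assumptions.

```python
# Simplified model of the quoted ACL rules; usernames and topics are constructed.
ACL_TEXT = """\
user motion1
topic write home/light/+/set
user rainsensor
topic write home/light/+/set
topic write home/window/+/set
user dashboard
topic read home/#
# every user may publish only under its own name
pattern write sensor/%u/data
"""

def parse_acl(text):
    rules, user = [], None  # user None = anonymous section
    for line in text.splitlines():
        if line.startswith("#"):  # comment line
            continue
        kw, _, rest = line.strip().partition(" ")
        access, _, filt = rest.strip().partition(" ")
        if access not in ("read", "write", "readwrite") or not filt:
            access, filt = "readwrite", rest  # access type omitted
        if kw == "user":
            user = rest.strip()
        elif kw in ("topic", "pattern"):
            rules.append((kw, user if kw == "topic" else None, access, filt.strip()))
    return rules

def matches(filt, topic):  # '+' matches one level, '#' matches the rest
    f, t = filt.split("/"), topic.split("/")
    for i, level in enumerate(f):
        if level == "#":
            return True
        if i >= len(t) or level not in ("+", t[i]):
            return False
    return len(f) == len(t)

def allowed(rules, username, client_id, action, topic):
    for kind, owner, access, filt in rules:  # action: "read" or "write"
        if kind == "topic" and owner != username:
            continue
        if kind == "pattern":
            if username is None and "%u" in filt:
                continue  # nothing to substitute for anonymous clients
            filt = filt.replace("%u", username or "").replace("%c", client_id)
        if access in (action, "readwrite") and matches(filt, topic):
            return True
    return False  # default deny: only listed topics have access

RULES = parse_acl(ACL_TEXT)
```

The text in ACL_TEXT is what would go in the file named by acl_file; checking a few expected allow and deny cases against it before reloading the broker catches rules that are broader than intended.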