In the below code snippet I declare a username and passqord for the subscription.
private final String userName = "user_1";
private final char[] password = "pass".toCharArray();
....
....
final MqttAndroidClient client_1 = new MqttAndroidClient(getApplicationContext(), serverURI,
clientID, persistenceDataDir, Ack.AUTO_ACK);
MqttConnectOptions opts = new MqttConnectOptions();
opts.setCleanSession(false);
opts.setWill(WILL_TOPIC, WILL_MSG.getBytes(), QoS, false);
opts.setKeepAliveInterval(keepAliveInterval);
opts.setUserName(userName);
opts.setPassword(password);
I started the connection from the App with clean session = false and client ID = 1 without passwoed and username Provided, and I kept publishing (from the Pc to the broker) values of a topic I have subscribed to (from the App to the Broker.
Later in the subscribe message I set a pasword and username in my connection options, and did not specify the username and password to the publish message, and re-run the p. what happens is, I recieved the updated published values of the topic i am subsribed to.
After that, in the publish i specified a wrong username and password and subscriped to the same topic, and when i run the App, i receive the values normaly.
I am using the password and username wrongly?
To Note: I have tried the same procedure with different clientID and i receive the published values even with wrong password specified.
You need to set up a acl file and a password file in order to make usernames and passwords to control access to topics.
Please read the mosqitto.conf and mosquitto_passwd man pages for details of the format of both these files
http://mosquitto.org/man/mosquitto-conf-5.html
http://mosquitto.org/man/mosquitto_passwd-1.html