The passwords is different and I can see the published messages?

165 views Asked by At

In the below code snippet I declare a username and passqord for the subscription.

private final String userName = "user_1";
private final char[] password = "pass".toCharArray();
....
....
final MqttAndroidClient client_1 = new MqttAndroidClient(getApplicationContext(), serverURI,   
clientID, persistenceDataDir, Ack.AUTO_ACK);
MqttConnectOptions opts = new MqttConnectOptions();
opts.setCleanSession(false);
opts.setWill(WILL_TOPIC, WILL_MSG.getBytes(), QoS, false);
opts.setKeepAliveInterval(keepAliveInterval);
opts.setUserName(userName);
opts.setPassword(password);

I started the connection from the App with clean session = false and client ID = 1 without passwoed and username Provided, and I kept publishing (from the Pc to the broker) values of a topic I have subscribed to (from the App to the Broker.

Later in the subscribe message I set a pasword and username in my connection options, and did not specify the username and password to the publish message, and re-run the p. what happens is, I recieved the updated published values of the topic i am subsribed to.

After that, in the publish i specified a wrong username and password and subscriped to the same topic, and when i run the App, i receive the values normaly.

I am using the password and username wrongly?

To Note: I have tried the same procedure with different clientID and i receive the published values even with wrong password specified.

1

There are 1 answers

0
hardillb On

You need to set up a acl file and a password file in order to make usernames and passwords to control access to topics.

Please read the mosqitto.conf and mosquitto_passwd man pages for details of the format of both these files

http://mosquitto.org/man/mosquitto-conf-5.html

http://mosquitto.org/man/mosquitto_passwd-1.html