Hi all, We have come across an impediment while trying to implement $subject.
According to MQTT protocol specifications mentioned above, the username and password is provided to broker by MQTT client only at the time of connection. After creating the connection, the client can subscribe to any topic and publish to any topic regardless of the tenant. Since the security information is not provided by MQTT client at subscribe time and publish time how can we implement security on them? Is it a good idea to keep the connection details of the client in memory and do the validation using them at publish and subscribe time? Thanks, Akalanka. On Thu, Apr 16, 2015 at 12:14 PM, Srinath Perera <[email protected]> wrote: > +1 > > On Fri, Apr 10, 2015 at 11:35 AM, Pamod Sylvester <[email protected]> wrote: > >> +1 to make it mandatory to provide username/password. Otherwise we might >> leave out a vulnerable system in hands. >> >> On Fri, Apr 10, 2015 at 11:30 AM, Akalanka Pagoda Arachchi < >> [email protected]> wrote: >> >>> Hi all, >>> >>> We are planning to implement tenant support for MQTT in Message Broker >>> 3.0.0. This requires a client to always provide a username and a password >>> when connecting from a tenant. >>> >>> However, MQTT specification [1] states that security is non normative >>> and therefore users can use the system with or without security. However, >>> we're planning to make an exception in this case to make authentication >>> mandatory for MQTT when connecting via a tenant. >>> >>> Thanks, >>> Akalanka >>> >>> >>> >>> [1] - >>> http://docs.oasis-open.org/mqtt/mqtt/v3.1.1/os/mqtt-v3.1.1-os.html#_Toc398718111 >>> >>> -- >>> *Darshana Akalanka Pagoda Arachchi,* >>> *Software Engineer* >>> *078-4721791 <078-4721791>* >>> >> >> >> >> -- >> *Pamod Sylvester * >> *Senior Software Engineer * >> Integration Technologies Team, WSO2 Inc.; http://wso2.com >> email: [email protected] cell: +94 77 7779495 >> > > > > -- > ============================ > Srinath Perera, Ph.D. > http://people.apache.org/~hemapani/ > http://srinathsview.blogspot.com/ > -- *Darshana Akalanka Pagoda Arachchi,* *Software Engineer* *078-4721791*
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
