emqttd 通过 emqttd_plugin_pgsql Plugin 配置ACL

lingxue 发布于 2016/11/24 13:16
阅读 400
收藏 0

开源之夏第三届火热来袭,高校学生参与赢万元奖金!>>>

@emqtt 你好,想跟你请教个问题:

我使用的emqttd版本是1.0版本。

通过emqttd_plugin_pgsql 插件配置ACL访问控制,但是ACL一直没起作用,我修改的配置文件如下:

emqttd/data/loaded_plugins 如下:

emqttd_dashboard.
emqttd_plugin_pgsql.

emqttd/plugins/emqttd_plugin_pgsql/etc/plugin.config 如下:

[

  {emqttd_plugin_pgsql, [

    {pgsql_pool, [
        %% ecpool options
        {pool_size, 8},
        {pool_type, round_robin},
        {auto_reconnect, 3},

        %% pgsql options
        {host, "127.0.0.1"},
        {port, 5432},
        {ssl, false},
        {username, "postgres"},
        {password, "postgres"},
        {database, "mqtt"},
        {encoding,  utf8}
    ]},

    %% select password only
    %%{authquery, "select password from mqtt_user where username = '%u' limit 1"},

    %% hash algorithm: plain, md5, sha, sha256, pbkdf2?
    %%{password_hash, sha256},

    %% select password with salt
    %% {authquery, "select password, salt from mqtt_user where username = '%u'"},

    %% sha256 with salt prefix
    %% {password_hash, {salt, sha256}},

    %% sha256 with salt suffix
    %% {password_hash, {sha256, salt}},

    %% Comment this query, the acl will be disabled. Notice: don't edit this query!
    {aclquery, "select allow, ipaddr, username, clientid, access, topic from mqtt_acl where ipaddr = '%a' or username = '%u' or username = '$all' or clientid = '%c'"},

    %% If no rules matched, return...
    {acl_nomatch, deny}
  ]}
].

测试时候发现,即使acl_nomatch的请求,仍然可以正常publish  subscribe,感觉ACL根本就没起作用。请教大家,除了这两个文件,还需要配置别的什么吗?

加载中
OSCHINA
登录后可查看更多优质内容
返回顶部
顶部
返回顶部
顶部