search

hassio-addons / addon-mqtt

MQTT Server & Web client - Home Assistant Community Add-ons
https://addons.community
MIT License
35 stars 15 forks source link

Anonymous access does not allow clients to publish #23

Closed rutberg closed 5 years ago

rutberg commented 5 years ago

Problem/Motivation

I only use MQTT locally, and have a few units that can report to HA through MQTT and plan to expand that. I want to keep thigs as simple as possible, this not using any authentication for publishing and subscribing to MQTT.

Expected behavior

When enabling anonymous access I expect that a client can connect, subscribe to topics and publish topics without supplying a username or password.

Actual behavior

The only way I can get a client to publish on MQTT is to set a username and password and using that. If I don't submit user/password the client can connect and subscribe, but not publish.

Steps to reproduce

Enabling anonymous access, connecting with client not using password/username, publishing to a topic. Log yeilds: "DENIED publish from..."

Proposed changes

(If you have a proposed change, workaround or fix, describe the rationale behind it)

addons-assistant[bot] commented 5 years ago

:wave: Thanks for opening your first issue here! If you're reporting a :bug: bug, please make sure you include steps to reproduce it. Also, logs, error messages and information about your hardware might be usefull.

ludeeus commented 5 years ago

@rutberg Please share your current configuration for this addon.

rutberg commented 5 years ago 
{
  "log_level": "debug",
  "certfile": "fullchain.pem",
  "keyfile": "privkey.pem",
  "web": {
    "enabled": true,
    "ssl": true
  },
  "broker": {
    "enabled": true,
    "enable_ws": true,
    "enable_mqtt": true,
    "enable_ws_ssl": true,
    "enable_mqtt_ssl": true,
    "allow_anonymous": true
  },
  "mqttusers": [
    {
      "username": "CantBeBlank",
      "password": "CantBeBlank",
      "readonly": false,
      "topics": [
        "#"
      ]
    }
  ]
}
ludeeus commented 5 years ago

If users are defined mosquitto will not allow anonymous access. if you want to use allow_anonymous, you can't define any mqttusers This can be done by setting that to this:

"mqttusers": []
rutberg commented 5 years ago

Thank you @ludeeus - that solved it.

In the beginning, I tried to test it by removing that omitting mqttusers

I.e.

{
  "log_level": "debug",
  "certfile": "fullchain.pem",
  "keyfile": "privkey.pem",
  "web": {
    "enabled": true,
    "ssl": true
  },
  "broker": {
    "enabled": true,
    "enable_ws": true,
    "enable_mqtt": true,
    "enable_ws_ssl": true,
    "enable_mqtt_ssl": true,
    "allow_anonymous": true
  }
}

But that didn't work, and leaving the fields blank didn't work either. Thanks for the help with showing the third option 👍

addons-assistant[bot] commented 5 years ago

This thread has been automatically locked because it has not had recent activity. Please open a new issue for related bugs and link to relevant comments in this thread.