mosquitto icon indicating copy to clipboard operation
mosquitto copied to clipboard
verified publisher icon eclipse

How to deny writing on specific topic for anonymous users with ACL?

Open ahorn42 opened this issue 2 years ago • 1 comments

Hi,

I want to limit the write access to a specific topic for the anonymous users and allow it only for a known user. Also the anonymous users should be allowed to read and write all other topics.

Can this be archived with ACLs?

I tried the following without success:

# for anonymous users
topic readwrite #
topic read mySensitiveDevice/#

# for user myUserForSensitiveDevices
user myUserForSensitiveDevices
topic readwrite mySensitiveDevice/#

With the config from above the anonymous user can still write on mySensitiveDevice/myData.

I am using mosquitto 2.0.14.

Additionally I would like to add that the documentation at https://mosquitto.org/man/mosquitto-conf-5.html#idm44 could be improved, there isn't explained how different ACLs might overwrite each other (beside that deny overrules the others).

Thanks in advance and best regards!

ahorn42 avatar Jan 09 '23 00:01 ahorn42

I try the same without success so far.

DerHerrW avatar Apr 23 '24 15:04 DerHerrW