I want to create isolated environments on a single MQTT server. Like a database server can have multiple schemas and table names can be repeated in different sachems. I want to have a "MQTT schema" where topics/subscriptions in one schema are isolated from those in another "MQTT schema" so that the same topic can be used in different schemas. It would be even better if security can be applied on a per schema basis but that would be asking for a lot. Right now, I am just looking for a way to have isolated environments on the same server - it will probably require a separate TCP port per schema just to identify the destination schema of a connecting client, as the protocol itself does not have have any concept of schema. Or the clients can be mapped to a particular schema based on the username or client ID.
Note: I am aware of how to use ACL to restrict topic access for each user. ACLs do not solve this problem. I don't simply want to restrict topic access, I want to create separate environment where users are free to do what the want with the topics without out me telling them which topic names they cannot use etc.
The other option is the mount_point configuration option that can be used with a listener declaration (man page).
mount_point topic prefix
This option is used with the listener option to isolate groups of clients. When a client connects to a listener which uses this option, the string argument is attached to the start of all topics for this client. This prefix is removed when any messages are sent to the client. This means a client connected to a listener with mount point example can only see messages that are published in the topic hierarchy example and above.
The difference between this and the other option (docker container) is that you can have listener declarations that can see all the traffic of all the different partitions by having a listener with no mount point.
Collected from the Internet
Please contact [email protected] to delete if infringement.
Comments