How add authentication in MQTT transport WSO2 Message broker

Question

I have created a sample Publish and subscribe model project using the WSO2 Message Broker.

import threading
import paho.mqtt.client as mqtt

def publish_1(client,topic):
    message="on"
    print("publish data")
    client.publish(topic,message)
    publish_1(client,topic)


broker="localhost"
topic_pub='/temperature123'
topic_sub='$SYS/#'

def on_connect(client, userdata, rc):
    print("Connected with result code "+str(rc))
    client.subscribe(topic_sub)


def on_message(client, userdata, msg):
    print(msg.topic+" "+str(msg.payload))

client = mqtt.Client()
client.on_connect = on_connect
client.on_message = on_message

client.connect(broker, 1883, 60)
thread1=threading.Thread(target=publish_1,args=(client,topic_pub))
thread1.start()

But there is no security in this implementation.

Can someone help me to setup a authentication in MQTT subscription in the WSO2 Message Broker? And i dont see any subscribed node information also in the WSO2 Message broker application https://localhost:9443/carbon

Answer 1

My experience is with Mosquitto not with WSO2 MB, but from a quick look at the WSO2 MB documentation it seems to support SSL which is the standard way of securing MQTT (https://docs.wso2.com/display/MB310/Enabling+SSL+Support). The process of doing this is quite simple, just distribute the proper keys and certificates then use tsl_set() to configure them in your script.

If you require subtler user / topic level controls it looks like they are provided through the larger WSO2 framework (https://docs.wso2.com/pages/viewpage.action?pageId=30540550#SecurityinWSO2MessageBroker/ApacheQpid-Auth). But I will leave it someone with more experience with WSO2 to explain your options there.

Edit: As an aside, it is seen as a bad practice to start a topic with a / because it creates a confusing / layer. I would just write the topic as "temperature123"