##-------------------------------------------------------------------- ## HTTP Auth/ACL Plugin ##-------------------------------------------------------------------- ##------------------------------------------------------------------------------ ## SSL options ## Path to the file containing PEM-encoded CA certificates. The CA certificates ## are used during server authentication and when building the client certificate chain. ## ## Value: File ## auth.http.ssl.cacertfile = /etc/emqx/certs/ca.pem ## The path to a file containing the client's certificate. ## ## Value: File ## auth.http.ssl.certfile = /etc/emqx/certs/client-cert.pem ## Path to a file containing the client's private PEM-encoded key. ## ## Value: File ## auth.http.ssl.keyfile = /etc/emqx/certs/client-key.pem ##-------------------------------------------------------------------- ## HTTP Request Headers ## ## Example: auth.http.header.Accept-Encoding = * ## ## Value: String ## auth.http.header.Accept = */* ##-------------------------------------------------------------------- ## Authentication request. ## ## Variables: ## - %u: username ## - %c: clientid ## - %a: ipaddress ## - %r: protocol ## - %P: password ## - %p: sockport of server accepted ## - %C: common name of client TLS cert ## - %d: subject of client TLS cert ## ## Value: URL auth.http.auth_req = http://localhost:8080/iot/tool/mqtt/auth ## Value: post | get | put auth.http.auth_req.method = post ## Value: Params auth.http.auth_req.params = clientid=%c,username=%u,password=%P ##-------------------------------------------------------------------- ## Superuser request. ## ## Variables: ## - %u: username ## - %c: clientid ## - %a: ipaddress ## - %r: protocol ## - %P: password ## - %p: sockport of server accepted ## - %C: common name of client TLS cert ## - %d: subject of client TLS cert ## ## Value: URL # auth.http.super_req = http://127.0.0.1:8991/mqtt/superuser ## Value: post | get | put # auth.http.super_req.method = post ## Value: Params # auth.http.super_req.params = clientid=%c,username=%u ##-------------------------------------------------------------------- ## ACL request. ## ## Variables: ## - %A: 1 | 2, 1 = sub, 2 = pub ## - %u: username ## - %c: clientid ## - %a: ipaddress ## - %r: protocol ## - %m: mountpoint ## - %t: topic ## ## Value: URL # auth.http.acl_req = http://127.0.0.1:8991/mqtt/acl ## Value: post | get | put # auth.http.acl_req.method = get ## Value: Params # auth.http.acl_req.params = access=%A,username=%u,clientid=%c,ipaddr=%a,topic=%t,mountpoint=%m ##------------------------------------------------------------------------------ ## Http Reqeust options ## Time-out time for the http request, 0 is never timeout. ## ## Value: Duration ## -h: hour, e.g. '2h' for 2 hours ## -m: minute, e.g. '5m' for 5 minutes ## -s: second, e.g. '30s' for 30 seconds ## ## Default: 0 ## auth.http.request.timeout = 0 ## Connection time-out time, used during the initial request ## when the client is connecting to the server ## ## Value: Duration ## ## Default is same with the timeout option ## auth.http.request.connect_timout = 0 ## Re-send http reuqest times ## ## Value: integer ## ## Default: 3 auth.http.request.retry_times = 3 ## The interval for re-sending the http request ## ## Value: Duration ## ## Default: 1s auth.http.request.retry_interval = 1s ## The 'Exponential Backoff' mechanism for re-sending request. The actually ## re-send time interval is `interval * backoff ^ times` ## ## Value: float ## ## Default: 2.0 auth.http.request.retry_backoff = 2.0